{"containers": {"cna": {"affected": [{"product": "glibc", "vendor": "GNU Libc", "versions": [{"status": "affected", "version": "current (At least as of 2018-02-16)"}]}], "descriptions": [{"lang": "en", "value": "GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat."}], "problemTypes": [{"descriptions": [{"description": "Re-mapping current loaded libray with malicious ELF file", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-11-16T19:43:22", "orgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8", "shortName": "dwf"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851"}, {"name": "109167", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/109167"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&amp%3Butm_medium=RSS"}, {"name": "CVE-2019-1010023", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://security-tracker.debian.org/tracker/CVE-2019-1010023"}, {"name": "CVE-2019-1010023", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://ubuntu.com/security/CVE-2019-1010023"}], "tags": ["disputed"], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve-assign@distributedweaknessfiling.org", "ID": "CVE-2019-1010023", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "glibc", "version": {"version_data": [{"version_value": "current (At least as of 2018-02-16)"}]}}]}, "vendor_name": "GNU Libc"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Re-mapping current loaded libray with malicious ELF file"}]}]}, "references": {"reference_data": [{"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", "refsource": "MISC", "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851"}, {"name": "109167", "refsource": "BID", "url": "http://www.securityfocus.com/bid/109167"}, {"name": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", "refsource": "CONFIRM", "url": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS"}, {"name": "CVE-2019-1010023", "refsource": "DEBIAN", "url": "https://security-tracker.debian.org/tracker/CVE-2019-1010023"}, {"name": "CVE-2019-1010023", "refsource": "UBUNTU", "url": "https://ubuntu.com/security/CVE-2019-1010023"}]}}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-06-11T18:42:21.452782Z", "id": "CVE-2019-1010023", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-11T18:43:16.622Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T03:07:18.214Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851"}, {"name": "109167", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/109167"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&amp%3Butm_medium=RSS"}, {"name": "CVE-2019-1010023", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://security-tracker.debian.org/tracker/CVE-2019-1010023"}, {"name": "CVE-2019-1010023", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://ubuntu.com/security/CVE-2019-1010023"}]}]}, "cveMetadata": {"assignerOrgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8", "assignerShortName": "dwf", "cveId": "CVE-2019-1010023", "datePublished": "2019-07-15T03:09:37", "dateReserved": "2019-03-20T00:00:00", "dateUpdated": "2024-08-05T03:07:18.214Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "http://www.securityfocus.com/bid/109167", "name": "109167", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"]}, {"url": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&amp%3Butm_medium=RSS", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", "name": "CVE-2019-1010023", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"]}, {"url": "https://ubuntu.com/security/CVE-2019-1010023", "name": "CVE-2019-1010023", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T03:07:18.214Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2019-1010023", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-11T18:42:21.452782Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-11T18:43:07.017Z"}}], "cna": {"tags": ["disputed"], "affected": [{"vendor": "GNU Libc", "product": "glibc", "versions": [{"status": "affected", "version": "current (At least as of 2018-02-16)"}]}], "references": [{"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", "tags": ["x_refsource_MISC"]}, {"url": "http://www.securityfocus.com/bid/109167", "name": "109167", "tags": ["vdb-entry", "x_refsource_BID"]}, {"url": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&amp%3Butm_medium=RSS", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", "name": "CVE-2019-1010023", "tags": ["vendor-advisory", "x_refsource_DEBIAN"]}, {"url": "https://ubuntu.com/security/CVE-2019-1010023", "name": "CVE-2019-1010023", "tags": ["vendor-advisory", "x_refsource_UBUNTU"]}], "descriptions": [{"lang": "en", "value": "GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "Re-mapping current loaded libray with malicious ELF file"}]}], "providerMetadata": {"orgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8", "shortName": "dwf", "dateUpdated": "2020-11-16T19:43:22"}, "x_legacyV4Record": {"affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "current (At least as of 2018-02-16)"}]}, "product_name": "glibc"}]}, "vendor_name": "GNU Libc"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", "refsource": "MISC"}, {"url": "http://www.securityfocus.com/bid/109167", "name": "109167", "refsource": "BID"}, {"url": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", "name": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS", "refsource": "CONFIRM"}, {"url": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", "name": "CVE-2019-1010023", "refsource": "DEBIAN"}, {"url": "https://ubuntu.com/security/CVE-2019-1010023", "name": "CVE-2019-1010023", "refsource": "UBUNTU"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Re-mapping current loaded libray with malicious ELF file"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2019-1010023", "STATE": "PUBLIC", "ASSIGNER": "cve-assign@distributedweaknessfiling.org"}}}}, "cveMetadata": {"cveId": "CVE-2019-1010023", "state": "PUBLISHED", "dateUpdated": "2024-08-05T03:07:18.214Z", "dateReserved": "2019-03-20T00:00:00", "assignerOrgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8", "datePublished": "2019-07-15T03:09:37", "assignerShortName": "dwf"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gnu:glibc:-:*:*:*:*:*:*:*", "matchCriteriaId": "68D5A70D-5CEE-4E19-BF35-0245A0E0F6BC", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [{"sourceIdentifier": "josh@bress.net", "tags": ["disputed"]}], "descriptions": [{"lang": "en", "value": "GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat."}, {"lang": "es", "value": "** EN DISPUTA ** La corriente de GNU Libc est\u00e1 afectada por: Re-asignaci\u00f3n de la biblioteca cargada actual con un archivo ELF malicioso. El impacto es: En el peor de los casos el atacante puede evaluar los privilegios. El componente es: libld. El vector de ataque es: El atacante env\u00eda 2 archivos ELF a la v\u00edctima y le pide que ejecute ldd en \u00e9l. ldd ejecuta el c\u00f3digo. NOTA: Los comentarios de arriba indican que \"esto est\u00e1 siendo tratado como un error de seguridad y no una amenaza real\"."}], "id": "CVE-2019-1010023", "lastModified": "2024-08-05T03:15:25.183", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2019-07-15T04:15:13.397", "references": [{"source": "josh@bress.net", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/109167"}, {"source": "josh@bress.net", "url": "https://security-tracker.debian.org/tracker/CVE-2019-1010023"}, {"source": "josh@bress.net", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851"}, {"source": "josh@bress.net", "url": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&amp%3Butm_medium=RSS"}, {"source": "josh@bress.net", "url": "https://ubuntu.com/security/CVE-2019-1010023"}], "sourceIdentifier": "josh@bress.net", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", "id": "1773916", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1773916"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.8", "cvss3_scoring_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-20", "details": ["GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat.", "It was discovered that when executing `ldd` on a malicious file, it is possible to execute code because of the way libraries are loaded into the process memory. An attacker may trick a victim user into running `ldd` on malicious files, thus executing code with their privileges."], "mitigation": {"lang": "en:us", "value": "Use `objdump -p /path/to/program | grep NEEDED` instead of `ldd` when you want to get the library dependencies of an untrusted executable. However this just returns the direct dependencies of the program, so it should be manually run against all the needed libraries to get the entire dependency tree as `ldd` does."}, "name": "CVE-2019-1010023", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Out of support scope", "package_name": "glibc", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "glibc", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "glibc", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "glibc", "product_name": "Red Hat Enterprise Linux 8"}], "public_date": "2019-07-15T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2019-1010023\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-1010023"], "statement": "`ldd` is not intended to be executed on untrusted binaries, so a user should be very careful on what he runs `ldd` on.", "threat_severity": "Low"}