Lucene search
Redhat.comRH:CVE-2019-1010023HistoryNov 19, 2019 - 10:38 a.m.
CVE-2019-1010023
2019-11-1910:38:11
redhat.com
access.redhat.com
13
0.012 Low
EPSS
Percentile
85.3%
It was discovered that when executing ldd on a malicious file, it is possible to execute code because of the way libraries are loaded into the process memory. An attacker may trick a victim user into running ldd on malicious files, thus executing code with their privileges.
Mitigation
Use objdump -p /path/to/program | grep NEEDED instead of ldd when you want to get the library dependencies of an untrusted executable. However this just returns the direct dependencies of the program, so it should be manually run against all the needed libraries to get the entire dependency tree as ldd does.
Related
f5
f5
K11932200 : glibc vulnerability CVE-2019-1010023
2019-10-09 00:00:00
cvelist
cvelist
CVE-2019-1010023
2019-07-15 03:09:37
debiancve
debiancve
CVE-2019-1010023
2019-07-15 04:15:13
vulnrichment
vulnrichment
CVE-2019-1010023
2019-07-15 03:09:37
cve
cve
CVE-2019-1010023
2019-07-15 04:15:13
prion
prion
Code injection
2019-07-15 04:15:00
ubuntucve
ubuntucve
CVE-2019-1010023
2019-07-15 00:00:00
nvd
nvd
CVE-2019-1010023
2019-07-15 04:15:13
openvas
openvas
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2020-1152)
2020-02-25 00:00:00
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2020-1102)
2020-02-24 00:00:00
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2020-1667)
2020-06-16 00:00:00
nessus
nessus
EulerOS 2.0 SP8 : glibc (EulerOS-SA-2020-1152)
2020-02-25 00:00:00
EulerOS 2.0 SP5 : glibc (EulerOS-SA-2020-1102)
2020-02-24 00:00:00
EulerOS 2.0 SP2 : glibc (EulerOS-SA-2020-1667)
2020-06-17 00:00:00
ics
ics
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00
avleonov
avleonov