AI Score
Confidence
Low
EPSS
Percentile
85.3%
SSVC
Exploitation
poc
Automatable
no
Technical Impact
partial
GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.
[
{
"vendor": "GNU Libc",
"product": "glibc",
"versions": [
{
"status": "affected",
"version": "current (At least as of 2018-02-16)"
}
]
}
]