CVE 2010-3847
elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the LD_AUDIT environment variable, which allows local users to gain privileges via a crafted dynamic shared object (DSO) located in an arbitrary directory.
Related bugs and status
CVE-2010-3847 (Candidate) is related to these bugs:
Bug #615953: busybox sed core dump
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 615953 | busybox sed core dump | eglibc (Ubuntu) | Low | Fix Released | ||
| 615953 | busybox sed core dump | eglibc (Fedora) | High | Fix Released | ||
| 615953 | busybox sed core dump | eglibc (Ubuntu Lucid) | Undecided | Fix Released | ||
| 615953 | busybox sed core dump | eglibc (Ubuntu Maverick) | Undecided | Fix Released | ||
Bug #643171: Use the __sync primitives in EGLIBC
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 643171 | Use the __sync primitives in EGLIBC | Linaro Toolchain Miscellanies | Medium | Fix Released | ||
| 643171 | Use the __sync primitives in EGLIBC | eglibc (Ubuntu) | Undecided | Fix Released | ||
Bug #669361: package manpages-dev 3.24-1ubuntu1 failed to install/upgrade: trying to overwrite '/usr/share/man/man3/pthread_sigmask.3.gz', which is also in package glibc-doc 2.12.1-0ubuntu8
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 669361 | package manpages-dev 3.24-1ubuntu1 failed to install/upgrade: trying to overwrite '/usr/share/man/man3/pthread_sigmask.3.gz', which is also in package glibc-doc 2.12.1-0ubuntu8 | eglibc (Ubuntu) | Medium | Fix Released | ||
| 669361 | package manpages-dev 3.24-1ubuntu1 failed to install/upgrade: trying to overwrite '/usr/share/man/man3/pthread_sigmask.3.gz', which is also in package glibc-doc 2.12.1-0ubuntu8 | manpages (Ubuntu) | Undecided | Fix Released | ||
Bug #670678: libc translations not imported from upstream
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 670678 | libc translations not imported from upstream | Launchpad itself | Undecided | Invalid | ||
| 670678 | libc translations not imported from upstream | eglibc (Ubuntu) | Undecided | Fix Released | ||
| 670678 | libc translations not imported from upstream | Ubuntu Translations | Medium | Fix Released | ||
Bug #672352: Assertion `_rtld_global_ro._dl_pagesize != 0' failed
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 672352 | Assertion `_rtld_global_ro._dl_pagesize != 0' failed | eglibc (Ubuntu) | Undecided | Fix Released | ||
| 672352 | Assertion `_rtld_global_ro._dl_pagesize != 0' failed | eglibc (Ubuntu Maverick) | Undecided | Fix Released | ||
See the 
CVE page on Mitre.org
for more details.
