CVE-2010-0830

Priority
Low
Description
Integer signedness error in the elf_get_dynamic_info function in
elf/dynamic-link.h in ld.so in the GNU C Library (aka glibc or libc6) 2.0.1
through 2.11.1, when the --verify option is used, allows user-assisted
remote attackers to execute arbitrary code via a crafted ELF program with a
negative value for a certain d_tag structure member in the ELF header.
References
Assigned-to
kees
Package
Source: glibc (LP Ubuntu Debian)
Upstream:needed
Ubuntu 8.04 LTS (Hardy Heron):released (2.7-10ubuntu6)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Package
Upstream:needed
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):released (2.11.1-0ubuntu7.1)
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:20:46 UTC (commit 5347)