Candidate: CVE-2011-0536
PublicDate: 2011-04-08 15:17:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0536
 https://ubuntu.com/security/notices/USN-1009-2
Description:
 Multiple untrusted search path vulnerabilities in elf/dl-object.c in
 certain modified versions of the GNU C Library (aka glibc or libc6),
 including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat
 Enterprise Linux, allow local users to gain privileges via a crafted
 dynamic shared object (DSO) in a subdirectory of the current working
 directory during execution of a (1) setuid or (2) setgid program that has
 $ORIGIN in (a) RPATH or (b) RUNPATH within the program itself or a
 referenced library. NOTE: this issue exists because of an incorrect fix for
 CVE-2010-3847.
Ubuntu-Description:
Notes:
Bugs:
Priority: negligible
Discovered-by:
Assigned-to:
CVSS: 

Patches_eglibc:
upstream_eglibc: needs-triage
dapper_eglibc: DNE
hardy_eglibc: DNE
karmic_eglibc: released (2.10.1-0ubuntu19)
lucid_eglibc: released (2.11.1-0ubuntu7.7)
maverick_eglibc: released (2.12.1-0ubuntu10.1)
devel_eglibc: not-affected (2.13~pre1-0ubuntu1)

Patches_glibc:
upstream_glibc: needs-triage
dapper_glibc: not-affected
hardy_glibc: released (2.7-10ubuntu8)
karmic_glibc: DNE
lucid_glibc: DNE
maverick_glibc: DNE
devel_glibc: DNE