CVE-2017-1000366

Published Jun 19, 2017
Last updated 4 years ago
CVSS high 7.8
Overview

Description: glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier.
Source: cve@mitre.org
NVD status: Modified
Risk scores

CVSS 3.0

Type: Primary
Base score: 7.8
Impact score: 5.9
Exploitability score: 1.8
Vector string: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH
CVSS 2.0

Type: Primary
Base score: 7.2
Impact score: 10
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:C/I:C/A:C
Weaknesses

nvd@nist.gov: CWE-119
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:server:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5833A489-D6DE-4D51-9E74-189CBC2E28CA"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A62C9FF6-525F-4706-908C-1081B51AA464"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "92C9F1C4-55B0-426D-BB5E-01372C23AF97"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD6D0378-F0F4-4AAA-80AF-8287C790EC96"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AF83BB87-B203-48F9-9D06-48A5FE399050"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "16E6D998-B41D-4B49-9E00-8336D2E40A4A"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1C8D871B-AEA1-4407-AEE3-47EC782250FF"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C462C17E-DEB3-4E28-9D3E-FEE97907EC14"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "45010D45-2FF2-4B04-B115-6B6FE606D598"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6C81647C-9A53-481D-A54C-36770A093F90"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "44B067C7-735E-43C9-9188-7E1522A02491"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A8442C20-41F9-47FD-9A12-E724D3A31FD7"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_long_life:5.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B0CC2D9E-C769-4810-99DD-540614627FFB"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "13E02156-E748-4820-B76F-7074793837E1"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6755B6AD-0422-467B-8115-34A60B1D1A40"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:openstack:cloud_magnum_orchestration:7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B27A3E24-7BC2-4EA9-BFAD-987C2CDEF8DA"
          },
          {
            "criteria": "cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A24B121-952E-44CD-92CB-3D66E00DD38F"
          },
          {
            "criteria": "cpe:2.3:o:novell:suse_linux_enterprise_point_of_sale:11.0:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51E07D0D-67A6-4DDE-BE4E-959DE0A3314F"
          },
          {
            "criteria": "cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:ltss:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3F8CE3BD-993B-407F-BAEC-A070F6B46E6E"
          },
          {
            "criteria": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1EA337A3-B9A3-4962-B8BD-8E0C7C5B28EB"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_for_sap:12:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E901D2F9-B4EA-420A-B1DA-4CD5B0A021CF"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "35BBD83D-BDC7-4678-BE94-639F59281139"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:ltss:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0651347C-AE16-4155-98EF-A0A2C63A37A8"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F84B2729-7B52-4505-9656-1BD31B980705"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp2:*:*:ltss:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "32C12523-2500-44D0-97EE-E740BD3E61B3"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_server_for_raspberry_pi:12:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4605D055-EA6E-4C90-9277-AC067E1BD02D"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11.0:sp4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51FA1B64-D002-41CC-908F-3798122ACD25"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12.0:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "484E3B41-F560-47A7-9C4C-C0DAF3510818"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C3B907D-79AF-44AC-BD23-C369CD6AE173",
            "versionEndIncluding": "2.25"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"
          },
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D6AE5831-D666-4D79-9B37-87A969F9127D",
            "versionEndIncluding": "7.6.2.14"
          },
          {
            "criteria": "cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "27C7DAE9-3B9A-4062-BB77-683318A739F6",
            "versionEndIncluding": "7.7.2.2",
            "versionStartIncluding": "7.7.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References
