iconv libraries not loading
Bug #701783 reported by
Kees Cook
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| eglibc (Ubuntu) |
Fix Released
|
High
|
Kees Cook | ||
Bug Description
Colin Watson discovered that when running a setuid man, the $ORIGIN DST in the iconv libraries' RPATH does not expand correctly, allowing an attacker to load arbitrary libraries from the literal '$ORIGIN' subdirectory of the man process's current directory.
| visibility: | private → public |
| Changed in eglibc (Ubuntu): | |
| assignee: | nobody → Kees Cook (kees) |
| importance: | Undecided → High |
| status: | New → Fix Committed |
To post a comment you must log in.

This bug was fixed in the package eglibc - 2.12.1-0ubuntu13
---------------
eglibc (2.12.1-0ubuntu13) natty; urgency=low
* SECURITY UPDATE: setuid iconv users could load arbitrary libraries. patches/ any/submitted- origin. diff: refresh with new
- debian/
proposed solution, avoiding iconv issues (LP: #701783).
-- Kees Cook <email address hidden> Tue, 11 Jan 2011 22:45:54 -0800