CVE-2010-3856 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2010-3856 Interim 1 15 2023-12-09T01:54:20Z current 2021-05-30T12:54:18Z 2023-12-09T01:54:20Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2010-3856 ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a trusted library directory, as demonstrated by libpcprofile.so. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4GV6CUGE3JGTZZUYVACC3MINIWE4G3TS/#4GV6CUGE3JGTZZUYVACC3MINIWE4G3TS E-Mail link for SUSE-SA:2010:052 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP1-TERADATA SUSE Linux Enterprise Server for SAP Applications 11 glibc-2.11.1-0.20.1 glibc-2.9-13.11.1 glibc-32bit-2.11.1-0.20.1 glibc-32bit-2.9-13.11.1 glibc-devel-2.11.1-0.20.1 glibc-devel-2.9-13.11.1 glibc-devel-32bit-2.11.1-0.20.1 glibc-devel-32bit-2.9-13.11.1 glibc-html-2.11.1-0.20.1 glibc-html-2.9-13.11.1 glibc-i18ndata-2.11.1-0.20.1 glibc-i18ndata-2.9-13.11.1 glibc-info-2.11.1-0.20.1 glibc-info-2.9-13.11.1 glibc-locale-2.11.1-0.20.1 glibc-locale-2.9-13.11.1 glibc-locale-32bit-2.11.1-0.20.1 glibc-locale-32bit-2.9-13.11.1 glibc-locale-x86-2.9-13.11.1 glibc-profile-2.11.1-0.20.1 glibc-profile-2.9-13.11.1 glibc-profile-32bit-2.11.1-0.20.1 glibc-profile-32bit-2.9-13.11.1 glibc-profile-x86-2.9-13.11.1 glibc-x86-2.9-13.11.1 nscd-2.11.1-0.20.1 nscd-2.9-13.11.1 glibc-2.9-13.11.1 as a component of SUSE Linux Enterprise Server 11 glibc-32bit-2.9-13.11.1 as a component of SUSE Linux Enterprise Server 11 glibc-devel-2.9-13.11.1 as a component of SUSE Linux Enterprise Server 11 glibc-devel-32bit-2.9-13.11.1 as a component of SUSE Linux Enterprise Server 11 glibc-html-2.9-13.11.1 as a component of SUSE Linux Enterprise Server 11 glibc-i18ndata-2.9-13.11.1 as a component of SUSE Linux Enterprise Server 11 glibc-info-2.9-13.11.1 as a component of SUSE Linux Enterprise Server 11 glibc-locale-2.9-13.11.1 as a component of SUSE Linux Enterprise Server 11 glibc-locale-32bit-2.9-13.11.1 as a component of SUSE Linux Enterprise Server 11 glibc-locale-x86-2.9-13.11.1 as a component of SUSE Linux Enterprise Server 11 glibc-profile-2.9-13.11.1 as a component of SUSE Linux Enterprise Server 11 glibc-profile-32bit-2.9-13.11.1 as a component of SUSE Linux Enterprise Server 11 glibc-profile-x86-2.9-13.11.1 as a component of SUSE Linux Enterprise Server 11 glibc-x86-2.9-13.11.1 as a component of SUSE Linux Enterprise Server 11 nscd-2.9-13.11.1 as a component of SUSE Linux Enterprise Server 11 glibc-2.11.1-0.20.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA glibc-32bit-2.11.1-0.20.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA glibc-devel-2.11.1-0.20.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA glibc-devel-32bit-2.11.1-0.20.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA glibc-html-2.11.1-0.20.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA glibc-i18ndata-2.11.1-0.20.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA glibc-info-2.11.1-0.20.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA glibc-locale-2.11.1-0.20.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA glibc-locale-32bit-2.11.1-0.20.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA glibc-profile-2.11.1-0.20.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA glibc-profile-32bit-2.11.1-0.20.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA nscd-2.11.1-0.20.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA glibc-2.9-13.11.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 glibc-32bit-2.9-13.11.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 glibc-devel-2.9-13.11.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 glibc-devel-32bit-2.9-13.11.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 glibc-html-2.9-13.11.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 glibc-i18ndata-2.9-13.11.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 glibc-info-2.9-13.11.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 glibc-locale-2.9-13.11.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 glibc-locale-32bit-2.9-13.11.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 glibc-locale-x86-2.9-13.11.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 glibc-profile-2.9-13.11.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 glibc-profile-32bit-2.9-13.11.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 glibc-profile-x86-2.9-13.11.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 glibc-x86-2.9-13.11.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 nscd-2.9-13.11.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a trusted library directory, as demonstrated by libpcprofile.so. CVE-2010-3856 SUSE Linux Enterprise Server 11:glibc-2.9-13.11.1 SUSE Linux Enterprise Server 11:glibc-32bit-2.9-13.11.1 SUSE Linux Enterprise Server 11:glibc-devel-2.9-13.11.1 SUSE Linux Enterprise Server 11:glibc-devel-32bit-2.9-13.11.1 SUSE Linux Enterprise Server 11:glibc-html-2.9-13.11.1 SUSE Linux Enterprise Server 11:glibc-i18ndata-2.9-13.11.1 SUSE Linux Enterprise Server 11:glibc-info-2.9-13.11.1 SUSE Linux Enterprise Server 11:glibc-locale-2.9-13.11.1 SUSE Linux Enterprise Server 11:glibc-locale-32bit-2.9-13.11.1 SUSE Linux Enterprise Server 11:glibc-locale-x86-2.9-13.11.1 SUSE Linux Enterprise Server 11:glibc-profile-2.9-13.11.1 SUSE Linux Enterprise Server 11:glibc-profile-32bit-2.9-13.11.1 SUSE Linux Enterprise Server 11:glibc-profile-x86-2.9-13.11.1 SUSE Linux Enterprise Server 11:glibc-x86-2.9-13.11.1 SUSE Linux Enterprise Server 11:nscd-2.9-13.11.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:glibc-2.11.1-0.20.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:glibc-32bit-2.11.1-0.20.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:glibc-devel-2.11.1-0.20.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:glibc-devel-32bit-2.11.1-0.20.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:glibc-html-2.11.1-0.20.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:glibc-i18ndata-2.11.1-0.20.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:glibc-info-2.11.1-0.20.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:glibc-locale-2.11.1-0.20.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:glibc-locale-32bit-2.11.1-0.20.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:glibc-profile-2.11.1-0.20.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:glibc-profile-32bit-2.11.1-0.20.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:nscd-2.11.1-0.20.1 SUSE Linux Enterprise Server for SAP Applications 11:glibc-2.9-13.11.1 SUSE Linux Enterprise Server for SAP Applications 11:glibc-32bit-2.9-13.11.1 SUSE Linux Enterprise Server for SAP Applications 11:glibc-devel-2.9-13.11.1 SUSE Linux Enterprise Server for SAP Applications 11:glibc-devel-32bit-2.9-13.11.1 SUSE Linux Enterprise Server for SAP Applications 11:glibc-html-2.9-13.11.1 SUSE Linux Enterprise Server for SAP Applications 11:glibc-i18ndata-2.9-13.11.1 SUSE Linux Enterprise Server for SAP Applications 11:glibc-info-2.9-13.11.1 SUSE Linux Enterprise Server for SAP Applications 11:glibc-locale-2.9-13.11.1 SUSE Linux Enterprise Server for SAP Applications 11:glibc-locale-32bit-2.9-13.11.1 SUSE Linux Enterprise Server for SAP Applications 11:glibc-locale-x86-2.9-13.11.1 SUSE Linux Enterprise Server for SAP Applications 11:glibc-profile-2.9-13.11.1 SUSE Linux Enterprise Server for SAP Applications 11:glibc-profile-32bit-2.9-13.11.1 SUSE Linux Enterprise Server for SAP Applications 11:glibc-profile-x86-2.9-13.11.1 SUSE Linux Enterprise Server for SAP Applications 11:glibc-x86-2.9-13.11.1 SUSE Linux Enterprise Server for SAP Applications 11:nscd-2.9-13.11.1 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C