In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.
References
Link | Resource |
---|---|
http://seclists.org/oss-sec/2018/q1/38 | Mailing List Third Party Advisory |
http://www.securityfocus.com/bid/102525 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1040162 | Third Party Advisory VDB Entry |
https://access.redhat.com/errata/RHSA-2018:0805 | Third Party Advisory |
https://security.netapp.com/advisory/ntap-20190404-0003/ | |
https://usn.ubuntu.com/3534-1/ | Third Party Advisory |
https://usn.ubuntu.com/3536-1/ | Third Party Advisory |
https://www.exploit-db.com/exploits/43775/ | Exploit Third Party Advisory VDB Entry |
https://www.exploit-db.com/exploits/44889/ | Exploit Third Party Advisory VDB Entry |
https://www.halfdog.net/Security/2017/LibcRealpathBufferUnderflow/ | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2018-01-31T14:00:00
Updated: 2019-04-04T10:06:03
Reserved: 2018-01-16T00:00:00
Link: CVE-2018-1000001
JSON object: View
NVD Information
Status : Modified
Published: 2018-01-31T14:29:00.607
Modified: 2019-10-03T00:03:26.223
Link: CVE-2018-1000001
JSON object: View
Redhat Information
No data.
CWE