Ubuntu Update For Glibc, Eglibc Vulnerabilities USN-1009-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-1009-1

Solution

Please Install the Updated Packages.

Insight

Tavis Ormandy discovered multiple flaws in the GNU C Library's handling of the LD_AUDIT environment variable when running a privileged binary. A local attacker could exploit this to gain root privileges. (CVE-2010-3847, CVE-2010-3856)

Affected

glibc, eglibc vulnerabilities on Ubuntu 8.04 LTS , Ubuntu 9.04 , Ubuntu 9.10 , Ubuntu 10.04 LTS

Severity

Classification

CVE CVE-2010-3847, CVE-2010-3856
CVSS Base Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Ubuntu Update for ffmpeg, ffmpeg-debian vulnerabilities USN-931-1
Ubuntu Update for ffmpeg USN-1320-1
Ubuntu Update for clamav USN-2488-1
Ubuntu Update for bash USN-2363-2
Ubuntu Update for curl vulnerability USN-484-1

Ubuntu Update for glibc, eglibc vulnerabilities USN-1009-1

Take action and discover your vulnerabilities