This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[Bug dynamic-link/25204] LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries (CVE-2019-19126)

From: "rschiron at redhat dot com" <sourceware-bugzilla at sourceware dot org>
To: glibc-bugs at sourceware dot org
Date: Thu, 21 Nov 2019 17:01:39 +0000
Subject: [Bug dynamic-link/25204] LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries (CVE-2019-19126)
Auto-submitted: auto-generated
References: <bug-25204-131@http.sourceware.org/bugzilla/>

https://sourceware.org/bugzilla/show_bug.cgi?id=25204

rschiron at redhat dot com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |rschiron at redhat dot com

--- Comment #7 from rschiron at redhat dot com ---
I believe this should be treated as a security hardening the same as other
similar issues with weak ASLR have been treated (e.g.
https://sourceware.org/bugzilla/show_bug.cgi?id=22852 ,
https://sourceware.org/bugzilla/show_bug.cgi?id=22853#c3 ).

I do see how this is easier to trigger and more common in setuid binaries than
the other similar flaws, but it still requires another unrelated vulnerability
to be of any use and ASLR is a post-exploitation mitigation.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

References:
- [Bug dynamic-link/25204] New: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries
  - From: koriakin at 0x04 dot net

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]