Ubuntu Update For Glibc, Eglibc Vulnerabilities USN-1009-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-1009-1

Solution

Please Install the Updated Packages.

Insight

Tavis Ormandy discovered multiple flaws in the GNU C Library's handling of the LD_AUDIT environment variable when running a privileged binary. A local attacker could exploit this to gain root privileges. (CVE-2010-3847, CVE-2010-3856)

Affected

glibc, eglibc vulnerabilities on Ubuntu 8.04 LTS , Ubuntu 9.04 , Ubuntu 9.10 , Ubuntu 10.04 LTS

Severity

Classification

CVE CVE-2010-3847, CVE-2010-3856

CVSS	Base Score: 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Ubuntu Update for coreutils USN-2473-1
Ubuntu Update for evince vulnerabilities USN-1035-1
Ubuntu Update for file vulnerability USN-439-1
Ubuntu Update for ca-certificates USN-1197-5
Ubuntu Update for devhelp, epiphany-browser, midbrowser, yelp update USN-626-2

Ubuntu Update for glibc, eglibc vulnerabilities USN-1009-1

Take action and discover your vulnerabilities