Launchpad CVE tracker

CVE 2015-8777

The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER_GUARD environment variable.

Related bugs and status

CVE-2015-8777 (Candidate) is related to these bugs:

Bug #1546457: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required

		In	Importance	Status
1546457	libc6 2.15-0ubuntu10.13 doesn't mark reboot-required	glibc (Ubuntu)	High	Fix Released
1546457	libc6 2.15-0ubuntu10.13 doesn't mark reboot-required	eglibc (Ubuntu Precise)	High	Fix Released
1546457	libc6 2.15-0ubuntu10.13 doesn't mark reboot-required	eglibc (Ubuntu Trusty)	High	Fix Released
1546457	libc6 2.15-0ubuntu10.13 doesn't mark reboot-required	glibc (Ubuntu Wily)	High	Fix Released

Bug #1821752: libc6 version 2.19 breaks NSS loading for static binaries

		In	Importance	Status
1821752	libc6 version 2.19 breaks NSS loading for static binaries	eglibc (Ubuntu)	Undecided	Fix Released
1821752	libc6 version 2.19 breaks NSS loading for static binaries	eglibc (Debian)	Unknown	Fix Released
1821752	libc6 version 2.19 breaks NSS loading for static binaries	eglibc	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2015-8777

References