CVE-2010-0830

[GoogleCodeExporter]

Integer signedness error in the elf_get_dynamic_info function in 
elf/dynamic-link.h in ld.so in the GNU C Library (aka glibc or libc6) 2.0.1 
through 2.11.1, when the --verify option is used, allows user-assisted remote 
attackers to execute arbitrary code via a crafted ELF program with a negative 
value for a certain d_tag structure member in the ELF header. 

http://sourceware.org/git/?p=glibc.git;a=commit;h=db07e962b6ea963dbb345439f6ab9b
0cf74d87c5

Original issue reported on code.google.com by ole.andr...@gmail.com on 20 Aug 2010 at 11:07

[GoogleCodeExporter]

The 0.3 branch is soon EOL, no time to fix this issue. Sorry.

Original comment by off...@symbiosis.cc on 4 Aug 2011 at 10:52

• Changed state: WontFix