]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 1c05115) | patch
glibc: CVE-2015-8777
authorArmin Kuster <akuster@mvista.com>
Sat, 6 Feb 2016 23:14:42 +0000 (15:14 -0800)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Sun, 7 Feb 2016 17:20:57 +0000 (17:20 +0000)
commit9cc998978bd67bc5569cc1478f4ddee40020b929
tree32d159677990926e41f1f78c419aea2dda0ccfa3tree | snapshot
parent1c05115a906499989d2159683195ed6d2cda75bacommit | diff
glibc: CVE-2015-8777

The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or
libc6) before 2.23 allows local users to bypass a pointer-guarding protection
mechanism via a zero value of the LD_POINTER_GUARD environment variable.

(From OE-Core rev: 22570ba08d7c6157aec58764c73b1134405b0252)

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-core/glibc/glibc/CVE-2015-8777.patch [new file with mode: 0644] blob
meta/recipes-core/glibc/glibc_2.21.bb diff | blob | history
Mirror of the official openembedded-core repository