CVE-2007-3508

Public Date:
2007-07-03
CWE:
CWE-190
Bugzilla:
247208: CVE-2007-3508 Glibc integer overflow

The MITRE CVE dictionary describes this issue as:

** DISPUTED ** Integer overflow in the process_envvars function in elf/rtld.c in glibc before 2.5-rc4 might allow local users to execute arbitrary code via a large LD_HWCAP_MASK environment variable value. NOTE: the glibc maintainers state that they do not believe that this issue is exploitable for code execution.

Find out more about CVE-2007-3508 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

After careful analysis by Red Hat and several Glibc developers, it has been determined that this bug is not exploitable.

For more information please see Red Hat Bugzilla bug #247208
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=247208

Last Modified

CVE description copyright © 2017, The MITRE Corporation

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.