Public Date:
1260581: CVE-2015-8777 glibc: LD_POINTER_GUARD in the environment is not sanitized
It was found that the dynamic loader did not sanitize the LD_POINTER_GUARD environment variable. An attacker could use this flaw to bypass the pointer guarding protection on set-user-ID or set-group-ID programs to execute arbitrary code with the permissions of the user running the application.

Find out more about CVE-2015-8777 from the MITRE CVE dictionary dictionary and NIST NVD.

CVSS v2 metrics

Base Score 3.7
Base Metrics AV:L/AC:H/Au:N/C:P/I:P/A:P
Access Vector Local
Access Complexity High
Authentication None
Confidentiality Impact Partial
Integrity Impact Partial
Availability Impact Partial

CVSS v3 metrics

CVSS3 Base Score 7
CVSS3 Base Metrics CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity High
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity Impact High
Availability Impact High

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 7 (glibc) RHSA-2017:1916 2017-08-01

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 6 glibc Will not fix
Red Hat Enterprise Linux 5 glibc Will not fix


The glibc pointer guard is a post-exploitation mitigation mechanism. As such, it is only relevant if there are exploitable security vulnerabilities in the system. Therefore, applying available security updates to the system is a possible mitigation for this issue.

In typical deployments, environment variables can only be set by users with shell access. Restricting shell access to trusted users is another possible mitigation.

Last Modified