CVE-2007-3508
EPSS 0.05%
Description
Integer overflow in the process_envvars function in elf/rtld.c in glibc before 2.5-rc4 might allow local users to execute arbitrary code via a large LD_HWCAP_MASK environment variable value. NOTE: the glibc maintainers state that they do not believe that this issue is exploitable for code execution
How to fix CVE-2007-3508
To remediate CVE-2007-3508, upgrade the affected package to a fixed version below.
- Debian/glibc—upgrade to 2.6-2 or later
Is CVE-2007-3508 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 2.6-2