CVE-2010-0830
EPSS 6.3%
Description
Integer signedness error in the elf_get_dynamic_info function in elf/dynamic-link.h in ld.so in the GNU C Library (aka glibc or libc6) 2.0.1 through 2.11.1, when the --verify option is used, allows user-assisted remote attackers to execute arbitrary code via a crafted ELF program with a negative value for a certain d_tag structure member in the ELF header.
How to fix CVE-2010-0830
To remediate CVE-2010-0830, upgrade the affected package to a fixed version below.
- Debian/glibc—upgrade to 2.11-1 or later
Is CVE-2010-0830 being exploited?
Moderate — EPSS is 6.3%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 2.11-1