Bypassing Pointer-Guarding Protection in GNU C Library

Bypassing Pointer-Guarding Protection in GNU C Library

CVE-2015-8777 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:P/A:N

The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER_GUARD environment variable.

Learn more about our User Device Pen Test.