CVE-2017-16997

elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or ATSECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillinrpath and decompose_rpath functions. This is associated with misinterpretion of an empty RPATH/RUNPATH token as the "./" directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently very uncommon; most likely, no such program is shipped with any common Linux distribution.

References

Affected packages

Git / github.com/ansible/ansible

Affected ranges

Type: GIT
Repo: https://github.com/ansible/ansible
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

82529e534dd3edd84aba03d86b337f88c58b9982

Affected versions

0.*

0.0.1

0.0.2

0.01

0.3

0.7

Other

pre-ansible-base

v1_last

stable-2.*

stable-2.10-branchpoint

stable-2.11-branchpoint

stable-2.9-branchpoint

v1.*

v1.0

v1.1

v1.2

v1.4.0

v1.5.0

v1.5.1

v1.6.0

v2.*

v2.0.0-0.1.alpha1

v2.0.0-0.2.alpha2

v2.0.0-0.3.beta1

v2.0.0-0.4.beta2

v2.0.0-0.5.beta3

v2.11.0b1

v2.11.0b2

v2.11.0b3

v2.11.0b4

v2.19.0

v2.19.0b1

v2.19.0b2

v2.19.0b3

v2.19.0b4

v2.19.0b5

v2.19.0b6

v2.19.0b7

v2.19.0rc1

v2.19.0rc2

v2.6.0a1

v2.7.0.a1

v2.8.0a1

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-16997.json"