CVE-2017-16997

Source
https://cve.org/CVERecord?id=CVE-2017-16997
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-16997.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-16997
Downstream
Related
Published
2017-12-18T01:29:00.190Z
Modified
2026-07-08T05:48:36.174229756Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or ATSECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillinrpath and decompose_rpath functions. This is associated with misinterpretion of an empty RPATH/RUNPATH token as the "./" directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently very uncommon; most likely, no such program is shipped with any common Linux distribution.

Database specific
{
    "unresolved_ranges": [
        {
            "extracted_events": [
                {
                    "introduced": "7.0"
                },
                {
                    "last_affected": "7.0"
                }
            ],
            "source": "CPE_STRING",
            "vendor_product": "redhat:enterprise_linux_desktop",
            "cpes": [
                "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"
            ]
        },
        {
            "cpes": [
                "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"
            ],
            "source": "CPE_STRING",
            "vendor_product": "redhat:enterprise_linux_server",
            "extracted_events": [
                {
                    "introduced": "7.0"
                },
                {
                    "last_affected": "7.0"
                }
            ]
        },
        {
            "cpes": [
                "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"
            ],
            "source": "CPE_STRING",
            "vendor_product": "redhat:enterprise_linux_workstation",
            "extracted_events": [
                {
                    "introduced": "7.0"
                },
                {
                    "last_affected": "7.0"
                }
            ]
        }
    ]
}
References

Affected packages

Git / github.com/bminor/glibc

Affected ranges

Type
GIT
Repo
https://github.com/bminor/glibc
Events
Database specific
{
    "source": "CPE_STRING",
    "cpe": [
        "cpe:2.3:a:gnu:glibc:2.19:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnu:glibc:2.20:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnu:glibc:2.21:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnu:glibc:2.22:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnu:glibc:2.23:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnu:glibc:2.25:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnu:glibc:2.26:*:*:*:*:*:*:*"
    ],
    "extracted_events": [
        {
            "introduced": "2.19"
        },
        {
            "last_affected": "2.19"
        },
        {
            "introduced": "2.20"
        },
        {
            "last_affected": "2.20"
        },
        {
            "introduced": "2.21"
        },
        {
            "last_affected": "2.21"
        },
        {
            "introduced": "2.22"
        },
        {
            "last_affected": "2.22"
        },
        {
            "introduced": "2.23"
        },
        {
            "last_affected": "2.23"
        },
        {
            "introduced": "2.25"
        },
        {
            "last_affected": "2.25"
        },
        {
            "introduced": "2.26"
        },
        {
            "last_affected": "2.26"
        }
    ]
}

Affected versions

2.*
2.19
2.20
2.21
2.22
2.23
2.25
2.26
glibc-2.*
glibc-2.19
glibc-2.19.90
glibc-2.20
glibc-2.20.90
glibc-2.21
glibc-2.21.90
glibc-2.22
glibc-2.22.90
glibc-2.23
glibc-2.23.90
glibc-2.24
glibc-2.24.90
glibc-2.25
glibc-2.25.90
glibc-2.26

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-16997.json"

Git / sourceware.org/git/glibc.git

Affected ranges

Type
GIT
Repo
https://sourceware.org/git/glibc.git
Events
Introduced
9a869d822025be8e43b78234997b10bf0cf9d859
Last affected
1c9a5c270d8b66f30dcfaf1cb2d6cf39d3e18369
Database specific
{
    "source": "CPE_STRING",
    "cpe": [
        "cpe:2.3:a:gnu:glibc:2.19:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnu:glibc:2.20:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnu:glibc:2.21:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnu:glibc:2.22:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnu:glibc:2.23:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnu:glibc:2.25:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnu:glibc:2.26:*:*:*:*:*:*:*"
    ],
    "extracted_events": [
        {
            "introduced": "2.19"
        },
        {
            "last_affected": "2.19"
        },
        {
            "introduced": "2.20"
        },
        {
            "last_affected": "2.20"
        },
        {
            "introduced": "2.21"
        },
        {
            "last_affected": "2.21"
        },
        {
            "introduced": "2.22"
        },
        {
            "last_affected": "2.22"
        },
        {
            "introduced": "2.23"
        },
        {
            "last_affected": "2.23"
        },
        {
            "introduced": "2.25"
        },
        {
            "last_affected": "2.25"
        },
        {
            "introduced": "2.26"
        },
        {
            "last_affected": "2.26"
        }
    ]
}

Affected versions

2.*
2.19
2.20
2.21
2.22
2.23
2.25
2.26
glibc-2.*
glibc-2.19
glibc-2.19.90
glibc-2.20
glibc-2.20.90
glibc-2.21
glibc-2.21.90
glibc-2.22
glibc-2.22.90
glibc-2.23
glibc-2.23.90
glibc-2.24
glibc-2.24.90
glibc-2.25
glibc-2.25.90
glibc-2.26

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-16997.json"