UBUNTU-CVE-2010-4001

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2010-4001

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2010/UBUNTU-CVE-2010-4001.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2010-4001

Withdrawn

2025-06-23T15:52:31Z

Published

2010-11-06T00:00:00Z

Modified

2010-11-06T00:00:00Z

Summary

[none]

Details

** DISPUTED ** GMXRC.bash in Gromacs 4.5.1 and earlier places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: CVE disputes this issue because the GMXLDLIB value is always added to the beginning of LDLIBRARYPATH at a later point in the script.

References

Affected packages

Ubuntu:Pro:16.04:LTS / gromacs

Package

Name: gromacs
Purl: pkg:deb/ubuntu/gromacs

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.0.6-1

5.1-1

5.1.1-1

5.1.1-2

5.1.1-2build1

5.1.2-1ubuntu1

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2010/UBUNTU-CVE-2010-4001.json"

Ubuntu:Pro:18.04:LTS / gromacs

Package

Name: gromacs
Purl: pkg:deb/ubuntu/gromacs

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2016.*

2016.4-1

Other

2018-2

2018.*

2018.1-1

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2010/UBUNTU-CVE-2010-4001.json"

Ubuntu:20.04:LTS / gromacs

Package

Name: gromacs
Purl: pkg:deb/ubuntu/gromacs

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2019.*

2019.3-2

2019.4-1

2019.4-1build1

Other

2020-2

2020-2build1

2020.*

2020.1-1

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2010/UBUNTU-CVE-2010-4001.json"

Ubuntu:22.04:LTS / gromacs

Package

Name: gromacs
Purl: pkg:deb/ubuntu/gromacs

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2020.*

2020.6-2

2021.*

2021.4-2

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2010/UBUNTU-CVE-2010-4001.json"

Ubuntu:24.04:LTS / gromacs

Package

Name: gromacs
Purl: pkg:deb/ubuntu/gromacs

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2023.*

2023.1-2ubuntu1

2023.3-1ubuntu1

2023.3-1ubuntu2

2023.3-1ubuntu3

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2010/UBUNTU-CVE-2010-4001.json"