CVE-2007-3508 : Integer overflow in the process_envvars function in elf/rtld.c in glibc before 2

Integer overflow in the process_envvars function in elf/rtld.c in glibc before 2.5-rc4 might allow local users to execute arbitrary code via a large LD_HWCAP_MASK environment variable value. NOTE: the glibc maintainers state that they do not believe that this issue is exploitable for code execution

Published 2007-07-03 21:30:00

Updated 2025-04-09 00:30:58

Source MITRE

View at NVD, CVE.org

Vulnerability category: OverflowExecute code

Products affected by CVE-2007-3508

Gentoo » Glibc » Update R3
Versions up to, including, (<=) 2.5
cpe:2.3:a:gentoo:glibc:*:r3:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2007-3508

EPSS FAQ

0.05%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 12 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2007-3508

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2007-3508

CWE-189

Assigned by: nvd@nist.gov (Primary)

Vendor statements for CVE-2007-3508

Red Hat 2007-07-05

After careful analysis by Red Hat and several Glibc developers, it has been determined that this bug is not exploitable. For more information please see Red Hat Bugzilla bug #247208 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=247208
Mandriva 2007-09-17

Based on the analysis of Red Hat and several Glibc developers, Mandriva does not believe this to be exploitable.

References for CVE-2007-3508

http://secunia.com/advisories/25864

About Secunia Research | Flexera
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200707-04.xml

GNU C Library: Integer overflow (GLSA 200707-04) — Gentoo security
http://osvdb.org/37901
http://www.sourceware.org/ml/libc-hacker/2007-07/msg00001.html

Jakub Jelinek - [PATCH] Fix LD_HWCAP_MASK handling
http://www.vupen.com/english/advisories/2007/2418

Webmail: access your OVH emails on ovhcloud.com | OVHcloud
Vendor Advisory
http://sources.gentoo.org/viewcvs.py/gentoo/src/patchsets/glibc/2.5/1600_all_glibc-hwcap-mask-secure.patch?rev=1.1&view=markup

Gentoo Git Repositories
http://www.securityfocus.com/bid/24758
http://www.securitytracker.com/id?1018334

www.securitytracker.com
https://exchange.xforce.ibmcloud.com/vulnerabilities/35240

GNU C Library (glibc) process_envvars integer overflow CVE-2007-3508 Vulnerability Report
http://bugs.gentoo.org/show_bug.cgi?id=183844

183844 – sys-libs/glibc: integer overflow in ld.so CVE-2007-3508