First published: Wed Dec 02 2009(Updated: )
The _rtld function in the Run-Time Link-Editor (rtld) in libexec/rtld-elf/rtld.c in FreeBSD 7.1, 7.2, and 8.0 does not clear the LD_PRELOAD environment variable, which allows local users to gain privileges by executing a setuid or setguid program with a modified LD_PRELOAD variable containing an untrusted search path that points to a Trojan horse library, a different vector than CVE-2009-4147.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
FreeBSD Kernel | =8.0 | |
FreeBSD Kernel | =7.1 | |
FreeBSD Kernel | =7.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2009-4146 is classified as a high severity vulnerability due to its potential to allow local users to gain elevated privileges.
To fix CVE-2009-4146, you should upgrade to a patched version of FreeBSD that addresses this vulnerability.
CVE-2009-4146 affects users of FreeBSD versions 7.1, 7.2, and 8.0.
CVE-2009-4146 is a local privilege escalation vulnerability in the Run-Time Link-Editor.
CVE-2009-4146 can be exploited by executing a setuid or setguid program with a modified LD_PRELOAD variable.