CVE-2011-0536

Name	CVE-2011-0536
Description	Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library (aka glibc or libc6), including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat Enterprise Linux, allow local users to gain privileges via a crafted dynamic shared object (DSO) in a subdirectory of the current working directory during execution of a (1) setuid or (2) setgid program that has $ORIGIN in (a) RPATH or (b) RUNPATH within the program itself or a referenced library. NOTE: this issue exists because of an incorrect fix for CVE-2010-3847.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs	600667

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
glibc (PTS)	jessie, jessie (lts)	2.19-18+deb8u14	fixed
	stretch (security)	2.24-11+deb9u1	fixed
	stretch (lts), stretch	2.24-11+deb9u7	fixed
	buster (security), buster, buster (lts)	2.28-10+deb10u4	fixed
	bullseye	2.31-13+deb11u11	fixed
	bullseye (security)	2.31-13+deb11u10	fixed
	bookworm	2.36-9+deb12u9	fixed
	bookworm (security)	2.36-9+deb12u7	fixed
	sid, trixie	2.40-3	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
eglibc	source	(unstable)	2.11.2-8			600667
glibc	source	(unstable)	(not affected)

- glibc <not-affected> (Lenny version not affected)