CVE-2025-4802

Published May 16, 2025

Last updated 25 days ago

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-4802 involves an untrusted LD_LIBRARY_PATH environment variable vulnerability found in the GNU C Library (glibc) versions 2.27 to 2.38. This vulnerability allows an attacker to control the loading of dynamically shared libraries. Specifically, the issue affects statically compiled setuid binaries that call dlopen, including internal dlopen calls made after setlocale or calls to NSS functions like getaddrinfo. An attacker could potentially exploit this to execute arbitrary code or escalate privileges by manipulating the library path in setuid binaries.

Description
Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen (including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo).
Source
3ff69d7a-14f2-4f67-a097-88dee7810d18
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.8
Impact score
5.9
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

3ff69d7a-14f2-4f67-a097-88dee7810d18
CWE-426

Social media

Hype score
Not currently trending
  1. Nice demo: tested a vulnerable Ubuntu 22.04 system for glibc CVE-2025-4802 using @solardiz's PoC adapted to Ubuntu (replace any occurrence of "myhostname" with "mdns4_minimal"). Even an old #grsecurity 5.4.96 kernel from February 8 2021 prevented exploitation https://t.co/Wiq2j

    @grsecurity

    23 May 2025

    2814 Impressions

    11 Retweets

    52 Likes

    15 Bookmarks

    1 Reply

    0 Quotes

  2. 『Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries』 CVE-2025-4802 https://t.co/qFOBTF9hBz

    @autumn_good_35

    19 May 2025

    20 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. 🚨 glibc CVE-2025-4802 puts Linux systems at risk of code execution. Update to glibc 2.39 now! 🔗 https://t.co/zZ6048IBuA #LinuxSecurity #glibc #CVE20254802 #Cybersecurity #InfoSec #securecybernews

    @securecybernews

    19 May 2025

    11 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. Top 5 Trending CVEs: 1 - CVE-2006-5051 2 - CVE-2025-4921 3 - CVE-2018-17144 4 - CVE-2025-4802 5 - CVE-2019-11248 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W

    @CVEShield

    19 May 2025

    16 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. GNU Cライブラリ(glibc)において、環境変数を介した不正なライブラリ読み込みにより、権限昇格や任意コード実行が可能になる重大な脆弱性が発見された(CVE-2025-4802)。

    @yousukezan

    19 May 2025

    2173 Impressions

    3 Retweets

    16 Likes

    5 Bookmarks

    0 Replies

    0 Quotes

  6. elf: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH (CVE-2025-4802) https://t.co/SsveHoiqKS poc demonstrated it can be hijacked as DSO: https://t.co/xtbLYdZhgx

    @hardenedlinux

    18 May 2025

    1494 Impressions

    6 Retweets

    13 Likes

    7 Bookmarks

    1 Reply

    1 Quote

  7. GLIBC-SA-2025-0002 - elf: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH (CVE-2025-4802) https://t.co/fLUJRl1o9r

    @andersonc0d3

    16 May 2025

    555 Impressions

    2 Retweets

    12 Likes

    2 Bookmarks

    0 Replies

    0 Quotes