A vulnerability in the library loader of the GNU C library can be exploited to obtain root privileges under Linux and other systems. Attackers could exploit the hole, for instance, to gain full control of a system by escalating their privileges after breaking into a web server with restricted access rights. Various distributors are already working on updates.
The loading of dynamically linked libraries when starting applications with Set User ID (SUID) privileges has always been a potential security issue. For example, an attacker might set the LD_PRELOAD environment variable to the path of a crafted library, start an SUID program, and have the library executed at the same privilege level as the SUID program. For this reason, various security measures and restrictions are in place to prevent applications from loading arbitrary further libraries, for instance, by adding path information.

The link for this article located at H Security is no longer available.