### [CVE-2019-1010023](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010023)
![](https://img.shields.io/static/v1?label=Product&message=glibc&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=current%20(At%20least%20as%20of%202018-02-16)%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Re-mapping%20current%20loaded%20libray%20with%20malicious%20ELF%20file&color=brightgreen)

### Description

GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.

### POC

#### Reference
- https://sourceware.org/bugzilla/show_bug.cgi?id=22851

#### Github
- https://github.com/11notes/docker-paperless-ngx
- https://github.com/ARPSyndicate/cvemon
- https://github.com/CKA-codespace/cg-compare
- https://github.com/DanMolz/wiz-scripts
- https://github.com/Dariani223/DevOpsFinal
- https://github.com/Giovanni26101982/Grupo4_Docker_Tarea3
- https://github.com/GrigGM/05-virt-04-docker-hw
- https://github.com/Myash-New/05-virt-04-docker-in-practice
- https://github.com/Oscar112248/Grupo4_Docker_Tarea3
- https://github.com/PajakAlexandre/wik-dps-tp02
- https://github.com/PaulJara84/Grupo4_Docker_Tarea3
- https://github.com/Telooss/TP-WIK-DPS-TP02
- https://github.com/TimesysGit/meta-timesys
- https://github.com/TinchoXD/Grupo4_Docker_Tarea3
- https://github.com/ardhiatno/ubimicro-fluentbit
- https://github.com/cdupuis/image-api
- https://github.com/drewtwitchell/scancompare
- https://github.com/fokypoky/places-list
- https://github.com/garethr/snykout
- https://github.com/gatecheckdev/gatecheck
- https://github.com/mmbazm/secure_license_server
- https://github.com/oportero/Grupo4_Docker_Tarea3
- https://github.com/poikl246/DevSecOps-2024-v2
- https://github.com/x9nico/Exam_Docker
- https://github.com/z4ng1ew/Trivy-Flask-App-With-Bandit-TruffleHog
- https://github.com/zparnold/deb-checker