CVE-2010-4000

gnome-shell 2.31.5 - Privilege Escalation via LD_LIBRARY_PATH Manipulation

Title source: llm
STIX 2.1

Description

gnome-shell in GNOME Shell 2.31.5 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

References (1)

Core 1
Core References
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=644561

Scores

EPSS 0.0005
EPSS Percentile 14.4%

Details

CWE
CWE-264
Status published
Products (1)
gnome/gnome-shell 2.31.5
Published Nov 06, 2010
Tracked Since Feb 18, 2026