Description
A flaw was found in the way memory was being allocated on the stack for user
space binaries. If heap (or different memory region) and stack memory regions
were adjacent to each other, an attacker could use this flaw to jump over the
stack guard gap, cause controlled memory corruption on process stack or the
adjacent memory region, and thus increase their privileges on the system. This
is glibc-side mitigation which blocks processing of LD_LIBRARY_PATH for programs
running in secure-execution mode and reduces the number of allocations performed
by the processing of LD_AUDIT, LD_PRELOAD, and LD_HWCAP_MASK, making successful
exploitation of this issue more difficult. (CVE-2017-1000366).