You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The value of the first argument of dlopen() may come from getenv. Using externally controlled strings in a process operation can allow an attacker to execute malicious commands.
This is nothing we can do about it. If you don't like this behaviour, remove the code or mangle getenv function calls. Actually, every dynamic linked application may use LD_PRELOAD dynamic variable, so the security is not a question for this.
The value of the first argument of dlopen() may come from getenv. Using externally controlled strings in a process operation can allow an attacker to execute malicious commands.
alsa-lib/src/dlmisc.c
Line 155 in ed6b070
alsa-lib/src/pcm/pcm_ladspa.c
Line 1094 in ed6b070
The text was updated successfully, but these errors were encountered: