Lucene search

K
mageiaGentoo FoundationMGASA-2023-0270
HistorySep 27, 2023 - 7:31 p.m.

Updated glibc packages fix security and other bugs

2023-09-2719:31:30
Gentoo Foundation
advisories.mageia.org
36
glibc
security
getaddrinfo
cve-2023-4806
cve-2023-4527
elf
bz #30785
bz #19924
intl
x86
bug fix
unix

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H

0.001 Low

EPSS

Percentile

40.8%

getaddrinfo: Fix use after free in getcanonname (CVE-2023-4806) Stack read overflow with large TCP responses in no-aaaa mode (CVE-2023-4527) elf: Introduce to _dl_call_fini elf: Do not run constructors for proxy objects elf: Always call destructors in reverse constructor order [BZ #30785] elf: Remove unused l_text_end field from struct link_map elf: Move l_init_called_next to old place of l_text_end in link map elf: Fix slow tls access after dlopen [BZ #19924] intl: Treat C.UTF-8 locale like C locale [BZ# 16621] x86: Increase non_temporal_threshold to roughly โ€œsizeof_L3 / 4โ€ x86: Fix slight bug in shared_per_thread cache size calculation x86: Use 3/4*sizeof(per-thread-L3) as low bound for NT threshold x86: Fix incorrect scope of setting shared_per_thread [BZ #30745]

OSVersionArchitecturePackageVersionFilename
Mageia9noarchglibc<ย 2.36-49glibc-2.36-49.mga9

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H

0.001 Low

EPSS

Percentile

40.8%