Lucene search
OracleLinuxELSA-2023-5453HistoryOct 10, 2023 - 12:00 a.m.
glibc security update
2023-10-1000:00:00
linux.oracle.com
9
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8 High
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:P/I:P/A:P
0.016 Low
EPSS
Percentile
87.2%
[2.34-60.0.3.7]
- CVE-2023-4527: Stack read overflow in getaddrinfo in no-aaa mode (#2234716).
- CVE-2203-4806: potential use-after-free in getaddrinfo.
- CVE-2023-4813: potential use-after-free in gaih_inet.
Reviewed by: Jose E. Marchesi
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 9 | src | glibc | < 2.34-60.0.3.el9_2.7 | glibc-2.34-60.0.3.el9_2.7.src.rpm |
| oracle linux | 9 | src | glibc | < 2.34-60.0.3.el9_2.7 | glibc-2.34-60.0.3.el9_2.7.src.rpm |
| oracle linux | 9 | src | glibc | < 2.34-60.0.3.el9_2.7 | glibc-2.34-60.0.3.el9_2.7.src.rpm |
| oracle linux | 9 | src | glibc | < 2.34-60.0.3.el9_2.7 | glibc-2.34-60.0.3.el9_2.7.src.rpm |
| oracle linux | 9 | aarch64 | glibc | < 2.34-60.0.3.el9_2.7 | glibc-2.34-60.0.3.el9_2.7.aarch64.rpm |
| oracle linux | 9 | aarch64 | glibc | < 2.34-60.0.3.el9_2.7 | glibc-2.34-60.0.3.el9_2.7.aarch64.rpm |
| oracle linux | 9 | aarch64 | glibc-all-langpacks | < 2.34-60.0.3.el9_2.7 | glibc-all-langpacks-2.34-60.0.3.el9_2.7.aarch64.rpm |
| oracle linux | 9 | aarch64 | glibc-all-langpacks | < 2.34-60.0.3.el9_2.7 | glibc-all-langpacks-2.34-60.0.3.el9_2.7.aarch64.rpm |
| oracle linux | 9 | aarch64 | glibc-benchtests | < 2.34-60.0.3.el9_2.7 | glibc-benchtests-2.34-60.0.3.el9_2.7.aarch64.rpm |
| oracle linux | 9 | aarch64 | glibc-common | < 2.34-60.0.3.el9_2.7 | glibc-common-2.34-60.0.3.el9_2.7.aarch64.rpm |
Related
redhat
redhat
(RHSA-2023:5453) Important: glibc security update
2023-10-05 10:04:00
(RHSA-2023:5455) Important: glibc security update
2023-10-05 10:08:32
nessus
nessus
Amazon Linux 2023 : compat-libpthread-nonshared, glibc, glibc-all-langpacks (ALAS2023-2023-359)
2023-10-03 00:00:00
RHEL 9 : glibc (RHSA-2023:5453)
2023-10-05 00:00:00
RHEL 8 : glibc (RHSA-2023:5455)
2023-10-05 00:00:00
osv
osv
Important: glibc security update
2023-10-06 22:57:06
Important: glibc security update
2023-10-05 00:00:00
Important: glibc security update
2023-10-05 00:00:00
almalinux
almalinux
Important: glibc security update
2023-10-05 00:00:00
Important: glibc security update
2023-10-05 00:00:00
rocky
rocky
glibc security update
2023-10-06 22:57:06
oraclelinux
oraclelinux
glibc security update
2023-10-12 00:00:00
glibc security update
2023-12-19 00:00:00
glibc security update
2023-10-12 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2332
2024-01-30 08:26:13
Advisory ROSA-SA-2024-2331
2024-01-30 08:06:33
openvas
openvas
Debian: Security Advisory (DSA-5514-1)
2023-10-04 00:00:00
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2024-1398)
2024-03-21 00:00:00
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2023-3269)
2023-12-12 00:00:00
debian
debian
[SECURITY] [DSA 5514-1] glibc security update
2023-10-03 17:26:13
fedora
fedora
[SECURITY] Fedora 38 Update: glibc-2.37-10.fc38
2023-10-04 15:52:08
[SECURITY] Fedora 39 Update: glibc-2.38-6.fc39
2023-10-04 17:16:19
[SECURITY] Fedora 37 Update: glibc-2.36-14.fc37
2023-10-04 15:49:21
gentoo
gentoo
glibc: Multiple vulnerabilities
2023-10-04 00:00:00
ubuntu
ubuntu
GNU C Library vulnerabilities
2023-10-03 00:00:00
GNU C Library regression
2024-01-10 00:00:00
GNU C Library vulnerabilities
2023-12-07 00:00:00
mageia
mageia
Updated glibc packages fix security and other bugs
2023-09-27 19:31:30
Updated glibc packages fix a security vulnerability
2023-10-12 00:04:02
cloudfoundry
cloudfoundry
USN-6409-1: GNU C Library vulnerabilities | Cloud Foundry
2024-03-18 00:00:00
USN-6541-1: GNU C Library vulnerabilities | Cloud Foundry
2024-04-04 00:00:00
USN-6541-2: GNU C Library regression | Cloud Foundry
2024-02-29 00:00:00
ibm
ibm
ubuntucve
ubuntucve
prion
prion
Design/Logic Flaw
2023-09-12 22:15:00
Design/Logic Flaw
2023-09-18 17:15:00
Design/Logic Flaw
2023-09-18 17:15:00
redhatcve
redhatcve
debiancve
debiancve
cgr
cgr
CVE-2023-4527 vulnerabilities
2024-05-08 21:08:34
CVE-2023-4911 vulnerabilities
2024-05-08 21:08:34
wolfi
wolfi
CVE-2023-4527 vulnerabilities
2024-05-08 21:18:58
cve
cve
cbl_mariner
cbl_mariner
CVE-2023-4806 affecting package glibc for versions less than 2.35-6
2023-11-08 02:07:28
CVE-2023-4911 affecting package glibc for versions less than 2.35-5
2023-10-11 01:41:59
hivepro
hivepro
‘Looney Tunables’ Flaw Enables Local Privilege Escalation in Glibc
2023-10-05 10:18:37
f5
f5
K000137187 : GlibC vulnerability CVE-2023-4911
2023-10-09 00:00:00
kitploit
kitploit
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Gnu Glibc
2023-10-09 11:45:32
Exploit for Out-of-bounds Write in Gnu Glibc
2023-10-10 22:04:23
Exploit for Out-of-bounds Write in Gnu Glibc
2023-10-25 11:59:34
broadcom
broadcom
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so
2024-01-17 00:00:00
zdt
zdt
Glibc Tunables Privilege Escalation Exploit
2023-12-21 00:00:00
packetstorm
packetstorm
Glibc Tunables Privilege Escalation
2023-12-21 00:00:00
attackerkb
attackerkb
CVE-2023-4911
2023-10-03 00:00:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8 High
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:P/I:P/A:P
0.016 Low
EPSS
Percentile
87.2%
Related for ELSA-2023-5453