Lucene search
OracleLinuxELSA-2023-5455HistoryDec 19, 2023 - 12:00 a.m.
glibc security update
2023-12-1900:00:00
linux.oracle.com
9
glibc
security update
stack read overflow
use-after-free
getaddrinfo
gaih_inet
rhel-2435
rhel-8
limitation
jose e. marchesi
unix
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.6 High
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:P/I:P/A:P
0.016 Low
EPSS
Percentile
87.2%
[2.28-225.0.4.6]
- CVE-2023-4527: Stack read overflow in getaddrinfo in no-aaa mode.
- CVE-2023-4806: potential use-after-free in getaddrinfo.
- CVE-2023-4813: potential use-after-free in gaih_inet (RHEL-2435).
- CVE-2023-4813: work around RHEL-8 limitation in test (RHEL-2435).
Reviewed by: Jose E. Marchesi
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 8 | src | glibc | < 2.28-225.0.4.el8_8.6 | glibc-2.28-225.0.4.el8_8.6.src.rpm |
| oracle linux | 8 | src | glibc | < 2.28-225.0.4.el8_8.6 | glibc-2.28-225.0.4.el8_8.6.src.rpm |
| oracle linux | 8 | src | glibc | < 2.28-225.0.4.el8_8.6 | glibc-2.28-225.0.4.el8_8.6.src.rpm |
| oracle linux | 8 | src | glibc | < 2.28-225.0.4.el8_8.6 | glibc-2.28-225.0.4.el8_8.6.src.rpm |
| oracle linux | 8 | aarch64 | compat-libpthread-nonshared | < 2.28-225.0.4.el8_8.6 | compat-libpthread-nonshared-2.28-225.0.4.el8_8.6.aarch64.rpm |
| oracle linux | 8 | aarch64 | glibc | < 2.28-225.0.4.el8_8.6 | glibc-2.28-225.0.4.el8_8.6.aarch64.rpm |
| oracle linux | 8 | aarch64 | glibc | < 2.28-225.0.4.el8_8.6 | glibc-2.28-225.0.4.el8_8.6.aarch64.rpm |
| oracle linux | 8 | aarch64 | glibc-all-langpacks | < 2.28-225.0.4.el8_8.6 | glibc-all-langpacks-2.28-225.0.4.el8_8.6.aarch64.rpm |
| oracle linux | 8 | aarch64 | glibc-all-langpacks | < 2.28-225.0.4.el8_8.6 | glibc-all-langpacks-2.28-225.0.4.el8_8.6.aarch64.rpm |
| oracle linux | 8 | aarch64 | glibc-benchtests | < 2.28-225.0.4.el8_8.6 | glibc-benchtests-2.28-225.0.4.el8_8.6.aarch64.rpm |
Related
rocky
rocky
glibc security update
2023-10-06 22:57:06
oraclelinux
oraclelinux
glibc security update
2023-10-12 00:00:00
glibc security update
2023-10-10 00:00:00
glibc security update
2023-10-12 00:00:00
nessus
nessus
Amazon Linux 2023 : compat-libpthread-nonshared, glibc, glibc-all-langpacks (ALAS2023-2023-359)
2023-10-03 00:00:00
RHEL 9 : glibc (RHSA-2023:5453)
2023-10-05 00:00:00
Oracle Linux 9 : glibc (ELSA-2023-12873)
2023-10-12 00:00:00
redhat
redhat
(RHSA-2023:5453) Important: glibc security update
2023-10-05 10:04:00
(RHSA-2023:5455) Important: glibc security update
2023-10-05 10:08:32
osv
osv
Important: glibc security update
2023-10-06 22:57:06
Important: glibc security update
2023-10-05 00:00:00
Important: glibc security update
2023-10-05 00:00:00
almalinux
almalinux
Important: glibc security update
2023-10-05 00:00:00
Important: glibc security update
2023-10-05 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2332
2024-01-30 08:26:13
Advisory ROSA-SA-2024-2331
2024-01-30 08:06:33
openvas
openvas
Debian: Security Advisory (DSA-5514-1)
2023-10-04 00:00:00
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2024-1426)
2024-03-21 00:00:00
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2023-3241)
2023-12-12 00:00:00
debian
debian
[SECURITY] [DSA 5514-1] glibc security update
2023-10-03 17:26:13
fedora
fedora
[SECURITY] Fedora 38 Update: glibc-2.37-10.fc38
2023-10-04 15:52:08
[SECURITY] Fedora 39 Update: glibc-2.38-6.fc39
2023-10-04 17:16:19
[SECURITY] Fedora 37 Update: glibc-2.36-14.fc37
2023-10-04 15:49:21
gentoo
gentoo
glibc: Multiple vulnerabilities
2023-10-04 00:00:00
ubuntu
ubuntu
GNU C Library vulnerabilities
2023-10-03 00:00:00
GNU C Library regression
2024-01-10 00:00:00
GNU C Library vulnerabilities
2023-12-07 00:00:00
cloudfoundry
cloudfoundry
USN-6409-1: GNU C Library vulnerabilities | Cloud Foundry
2024-03-18 00:00:00
USN-6541-2: GNU C Library regression | Cloud Foundry
2024-02-29 00:00:00
USN-6541-1: GNU C Library vulnerabilities | Cloud Foundry
2024-04-04 00:00:00
mageia
mageia
Updated glibc packages fix security and other bugs
2023-09-27 19:31:30
Updated glibc packages fix a security vulnerability
2023-10-12 00:04:02
ubuntucve
ubuntucve
ibm
ibm
redhatcve
redhatcve
prion
prion
Design/Logic Flaw
2023-09-12 22:15:00
Design/Logic Flaw
2023-09-18 17:15:00
Design/Logic Flaw
2023-09-18 17:15:00
wolfi
wolfi
CVE-2023-4527 vulnerabilities
2024-05-09 03:06:40
CVE-2023-4911 vulnerabilities
2024-05-09 03:06:40
cve
cve
debiancve
debiancve
cgr
cgr
CVE-2023-4527 vulnerabilities
2024-05-09 03:06:40
CVE-2023-4911 vulnerabilities
2024-05-09 03:06:40
cbl_mariner
cbl_mariner
CVE-2023-4806 affecting package glibc for versions less than 2.35-6
2023-11-08 02:07:28
CVE-2023-4911 affecting package glibc for versions less than 2.35-5
2023-10-11 01:41:59
broadcom
broadcom
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so
2024-01-17 00:00:00
zdt
zdt
Glibc Tunables Privilege Escalation Exploit
2023-12-21 00:00:00
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Gnu Glibc
2023-10-25 11:59:34
Exploit for Out-of-bounds Write in Gnu Glibc
2023-10-28 20:05:30
Exploit for Out-of-bounds Write in Gnu Glibc
2023-10-04 14:12:16
attackerkb
attackerkb
CVE-2023-4911
2023-10-03 00:00:00
cisa_kev
cisa_kev
GNU C Library Buffer Overflow Vulnerability
2023-11-21 00:00:00
packetstorm
packetstorm
Glibc Tunables Privilege Escalation
2023-12-21 00:00:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.6 High
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:P/I:P/A:P
0.016 Low
EPSS
Percentile
87.2%
Related for ELSA-2023-5455