PT-2023-9765 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a format-overflow warning in the f2fs component of the Linux kernel. The warning occurs when using the gcc compiler with the W=1 option. The problem is in the...

Oracle Linux 8 : glibc (ELSA-2023-12853)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-12853 advisory. 2.28-225.0.4 - CVE-2023-4911: tunables: Terminate immediately if end of input is reached Reviewed by: Jose E. Marchesi Tenable has extracted the preceding...

Heap OOB Read

Environment bash Distributor ID: Debian Description: Debian GNU/Linux bookworm/sid Version I checked against the latest release as of 10/08/23 the current master branch at commit 50c2ab06f45a3101d73d6f317e98f041809f4923 . Description This AddressSanitizer output is indicating an OOB read of inval...

Debian dla-3611 : inetutils - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3611 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3611-1 [email protected]...

Amazon Linux AMI : gsl (ALAS-2023-1851)

The version of gsl installed on the remote host is prior to 1.13-4.4. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1851 advisory. A buffer overflow can occur when calculating the quantile value using the Statistics Library of GSL GNU Scientific Library, versions 2....

glibc: buffer overflow in ld.so leading to privilege escalation

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBCTUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBCTUNABLES environment variables when launching binaries with SUID permission to execute code...

glibc: potential use-after-free in gaih_inet()

A flaw has been identified in glibc. In an uncommon situation, the gaihinet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with...

glibc: potential use-after-free in getaddrinfo()

A flaw has been identified in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the nssgethostbyname2r and nssgetcanonnamer hooks without...

glibc: potential use-after-free in gaih_inet()

A flaw has been identified in glibc. In an uncommon situation, the gaihinet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with...

glibc: buffer overflow in ld.so leading to privilege escalation

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBCTUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBCTUNABLES environment variables when launching binaries with SUID permission to execute code...

Exim finally fixes 3 out of 6 vulnerabilities

Exim is a message transfer agent MTA originally developed at the University of Cambridge for use on Unix systems connected to the internet, and is freely available under the terms of the GNU General Public Licence. Even though the name may be new to you, a Shodan search revealed 3.5 million serve...

The vulnerability of the getaddrinfo function in the system library glibc, which allows a hacker to cause a service failure

The vulnerability of the getaddrinfo function in the system library glibc is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

Oracle Linux 8 : glibc (ELSA-2023-12851)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-12851 advisory. 2.28-225.0.4 - CVE-2023-4911: tunables: Terminate immediately if end of input is reached Reviewed by: Jose E. Marchesi Tenable has extracted the preceding...

USN-6413-1: GNU binutils vulnerabilities

It was discovered that GNU binutils was not properly performing checks when dealing with memory allocation operations, which could lead to excessive memory consumption. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. CVE-2017-1712...

Exploit for Heap-based Buffer Overflow in Gnu Glibc

CVE-2023-4911 - Looney Tunables This is a atm very rough pr...

Exploit for Heap-based Buffer Overflow in Gnu Glibc

PoC of CVE-2023-4911 "Looney Tunables" This is a PoC of CVE-2...

Exploit for Heap-based Buffer Overflow in Gnu Glibc

CVE-2023-4911 https://www.qualys.com/2023/10/03/cve-2023-4911...

Exploit for Heap-based Buffer Overflow in Gnu Glibc

CVE-2023-4911 https://www.qualys.com/2023/10/03/cve-2023-4911...

Ubuntu 16.04 ESM / 18.04 ESM : GNU binutils vulnerabilities (USN-6413-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6413-1 advisory. It was discovered that GNU binutils was not properly performing checks when dealing with memory allocation operations, which could lead to...

CVE-2023-4911

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBCTUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBCTUNABLES environment variables when launching binaries with SUID permission to execute code...