Lucene search
UbuntuUSN-6541-2HistoryJan 10, 2024 - 12:00 a.m.
GNU C Library regression
2024-01-1000:00:00
ubuntu.com
21
gnu c library
ubuntu 22.04 lts
vulnerability fix
nscd service
cve-2023-4806
cve-2023-4813
memory leak
denial of service
ipv6 processing
Releases
- Ubuntu 22.04 LTS
Packages
- glibc - GNU C Library
Details
USN-6541-1 fixed vulnerabilities in the GNU C Library. Unfortunately,
changes made to allow proper application of the fix for CVE-2023-4806 in
Ubuntu 22.04 LTS introduced an issue in the NSCD service IPv6 processing
functionalities. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that the GNU C Library was not properly handling certain
memory operations. An attacker could possibly use this issue to cause a
denial of service (application crash). (CVE-2023-4806, CVE-2023-4813)
It was discovered that the GNU C library was not properly implementing a
fix for CVE-2023-4806 in certain cases, which could lead to a memory leak.
An attacker could possibly use this issue to cause a denial of service
(application crash). This issue only affected Ubuntu 22.04 LTS and Ubuntu
23.04. (CVE-2023-5156)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 22.04 | noarch | libc-bin | < 2.35-0ubuntu3.6 | UNKNOWN |
| Ubuntu | 22.04 | noarch | glibc-doc | < 2.35-0ubuntu3.6 | UNKNOWN |
| Ubuntu | 22.04 | noarch | glibc-source | < 2.35-0ubuntu3.6 | UNKNOWN |
| Ubuntu | 22.04 | noarch | libc-bin-dbgsym | < 2.35-0ubuntu3.6 | UNKNOWN |
| Ubuntu | 22.04 | noarch | libc-dev-bin | < 2.35-0ubuntu3.6 | UNKNOWN |
| Ubuntu | 22.04 | noarch | libc-dev-bin-dbgsym | < 2.35-0ubuntu3.6 | UNKNOWN |
| Ubuntu | 22.04 | noarch | libc-devtools | < 2.35-0ubuntu3.6 | UNKNOWN |
| Ubuntu | 22.04 | noarch | libc-devtools-dbgsym | < 2.35-0ubuntu3.6 | UNKNOWN |
| Ubuntu | 22.04 | noarch | libc6 | < 2.35-0ubuntu3.6 | UNKNOWN |
| Ubuntu | 22.04 | noarch | libc6-dbg | < 2.35-0ubuntu3.6 | UNKNOWN |
References
Related
ubuntucve
ubuntucve
openvas
openvas
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2024-1034)
2024-01-05 00:00:00
Ubuntu: Security Advisory (USN-6541-1)
2023-12-08 00:00:00
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2023-3330)
2023-12-12 00:00:00
nessus
nessus
EulerOS Virtualization 2.9.1 : glibc (EulerOS-SA-2024-1034)
2024-01-16 00:00:00
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 : GNU C Library vulnerabilities (USN-6541-1)
2023-12-07 00:00:00
EulerOS 2.0 SP9 : glibc (EulerOS-SA-2023-3330)
2024-01-16 00:00:00
ubuntu
ubuntu
GNU C Library vulnerabilities
2023-12-07 00:00:00
osv
osv
glibc vulnerabilities
2023-12-07 16:24:50
glibc regression
2024-01-10 13:10:15
CVE-2023-5156
2023-09-25 16:15:15
cloudfoundry
cloudfoundry
USN-6541-1: GNU C Library vulnerabilities | Cloud Foundry
2024-04-04 00:00:00
USN-6541-2: GNU C Library regression | Cloud Foundry
2024-02-29 00:00:00
redhatcve
redhatcve
prion
prion
Memory corruption
2023-09-25 16:15:00
Design/Logic Flaw
2023-09-12 22:15:00
Design/Logic Flaw
2023-09-18 17:15:00
cvelist
cvelist
CVE-2023-5156 Glibc: dos due to memory leak in getaddrinfo.c
2023-09-25 15:55:15
CVE-2023-4813 Glibc: potential use-after-free in gaih_inet()
2023-09-12 21:54:33
CVE-2023-4806 Glibc: potential use-after-free in getaddrinfo()
2023-09-18 16:33:57
redhat
redhat
(RHSA-2023:7409) Moderate: glibc security update
2023-11-21 09:53:27
(RHSA-2023:5453) Important: glibc security update
2023-10-05 10:04:00
(RHSA-2023:5455) Important: glibc security update
2023-10-05 10:08:32
debiancve
debiancve
mageia
mageia
Updated glibc packages fix a security vulnerability
2023-10-03 13:53:29
Updated glibc packages fix security and other bugs
2023-09-27 19:31:30
cve
cve
photon
photon
Important Photon OS Security Update - PHSA-2023-4.0-0535
2023-12-24 00:00:00
Moderate Photon OS Security Update - PHSA-2023-3.0-0691
2023-11-23 00:00:00
Moderate Photon OS Security Update - PHSA-2024-3.0-0715
2024-01-19 00:00:00
oraclelinux
oraclelinux
glibc security update
2023-10-12 00:00:00
glibc security update
2023-10-10 00:00:00
glibc security update
2023-10-12 00:00:00
rocky
rocky
glibc security update
2023-10-06 22:57:06
fedora
fedora
[SECURITY] Fedora 37 Update: glibc-2.36-14.fc37
2023-10-04 15:49:21
[SECURITY] Fedora 38 Update: glibc-2.37-10.fc38
2023-10-04 15:52:08
[SECURITY] Fedora 39 Update: glibc-2.38-6.fc39
2023-10-04 17:16:19
almalinux
almalinux
Important: glibc security update
2023-10-05 00:00:00
Important: glibc security update
2023-10-05 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2332
2024-01-30 08:26:13
ibm
ibm
cbl_mariner
cbl_mariner
CVE-2023-4806 affecting package glibc for versions less than 2.35-6
2023-11-08 02:07:28
CVE-2023-5156 affecting package glibc for versions less than 2.35-6
2023-11-08 02:07:28
cgr
cgr
CVE-2023-5156 vulnerabilities
2024-05-17 15:41:37
wolfi
wolfi
CVE-2023-5156 vulnerabilities
2024-05-17 09:07:10
debian
debian
[SECURITY] [DSA 5514-1] glibc security update
2023-10-03 17:26:37
gentoo
gentoo
glibc: Multiple Vulnerabilities
2024-02-02 00:00:00
glibc: Multiple vulnerabilities
2023-10-04 00:00:00