Untriaged
CVE-2023-4813
5.9 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): HIGH
- Privileges required (PR): NONE
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): NONE
- Integrity impact (I): NONE
- Availability impact (A): HIGH
Glibc: potential use-after-free in gaih_inet()
A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge.
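The configuration precondition described above can be checked on a host by parsing the `hosts` line of /etc/nsswitch.conf. The following is an added example, not code from this tracker or from glibc; the function name `risky_hosts_actions` and the sample file contents are constructed for illustration. It reports only whether the precondition is present, not whether the installed glibc is patched.

```python
import re

STATUSES = ("success", "notfound", "unavail", "tryagain")
RISKY_ACTIONS = ("continue", "merge")  # the two actions named in the advisory
CRITERION = re.compile(r"(!?)\s*([a-z]+)\s*=\s*([a-z]+)")

# Constructed sample input, not taken from a real host.
SAMPLE = """\
# constructed sample, not from a real host
passwd: files [SUCCESS=merge] systemd
hosts: files [SUCCESS=continue] dns
"""

def risky_hosts_actions(nsswitch_text):
    """Return [(line_no, 'SUCCESS=<action>')] for each hosts action block whose
    effective SUCCESS action is continue or merge."""
    findings = []
    for line_no, raw in enumerate(nsswitch_text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip().lower()   # drop comments, ignore case
        database, sep, services = line.partition(":")
        if not sep or database.strip() != "hosts":
            continue
        for bracket in re.findall(r"\[([^\]]*)\]", services):
            success_action = "return"                 # nsswitch default for SUCCESS
            for negated, status, action in CRITERION.findall(bracket):
                if status not in STATUSES:
                    continue
                # "!STATUS=action" applies the action to every status except STATUS,
                # so "[!UNAVAIL=continue]" also sets SUCCESS=continue.
                touches_success = (status != "success") if negated else (status == "success")
                if touches_success:
                    success_action = action           # later criteria override earlier ones
            if success_action in RISKY_ACTIONS:
                findings.append((line_no, f"SUCCESS={success_action}"))
    return findings

if __name__ == "__main__":
    try:
        with open("/etc/nsswitch.conf") as fh:
            text = fh.read()
    except OSError:
        text = SAMPLE                                 # fall back to the constructed sample
    for line_no, action in risky_hosts_actions(text):
        print(f"nsswitch.conf line {line_no}: hosts uses {action}")
```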
References
- http://www.openwall.com/lists/oss-security/2023/10/03/8
- RHSA-2023:5453 x_refsource_REDHAT vendor-advisory
- RHSA-2023:5455 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7409 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-4813 x_refsource_REDHAT vdb-entry
- RHBZ#2237798 issue-tracking x_refsource_REDHAT
- https://security.netapp.com/advisory/ntap-20231110-0003/
- RHBA-2024:2413 x_refsource_REDHAT vendor-advisory
Affected products
glibc
- *
- ==2.36
compat-glibc
Matching in nixpkgs
pkgs.mtrace
Perl script used to interpret and provide human readable output of the trace log contained in the file mtracedata, whose contents were produced by mtrace(3)
-
nixos-unstable -
- nixpkgs-unstable 2.40-66
pkgs.glibc_multi
None
-
nixos-unstable -
- nixpkgs-unstable 2.40-66
pkgs.glibcLocales
Locale information for the GNU C Library
-
nixos-unstable -
- nixpkgs-unstable 2.40-66
pkgs.glibc_memusage
GNU C Library
-
nixos-unstable -
- nixpkgs-unstable 2.40-66
pkgs.glibcLocalesUtf8
Locale information for the GNU C Library
-
nixos-unstable -
- nixpkgs-unstable 2.40-66
pkgs.unixtools.getent
None
-
nixos-unstable -
- nixpkgs-unstable 2.40-66
pkgs.unixtools.locale
None
-
nixos-unstable -
- nixpkgs-unstable 2.40-66
pkgs.unixtools.getconf
None
-
nixos-unstable -
- nixpkgs-unstable 2.40-66
Package maintainers
-
@Ma27 Maximilian Bosch <maximilian@mbosch.me>
-
@ConnorBaker Connor Baker <ConnorBaker01@gmail.com>