Nixpkgs Security Tracker

Login with GitHub

Suggestion detail

Untriaged
(browse all)
Permalink CVE-2023-4911
created 4 months, 2 weeks ago
Glibc: buffer overflow in ld.so leading to privilege escalation

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.

Affected products

glibc
  • *
  • <2.39
compat-glibc
redhat-virtualization-host
  • *
redhat-release-virtualization-host
  • *

Matching in nixpkgs

pkgs.libc

GNU C Library

pkgs.glibc

GNU C Library

pkgs.iconv

GNU C Library

pkgs.getent

None

pkgs.locale

None

pkgs.mtrace

Perl script used to interpret and provide human readable output of the trace log contained in the file mtracedata, whose contents were produced by mtrace(3)

pkgs.getconf

None

pkgs.libiconv

None

  • nixos-unstable -

pkgs.glibcInfo

GNU Info manual of the GNU C Library

pkgs.glibc_multi

None

pkgs.glibcLocales

Locale information for the GNU C Library

pkgs.glibc_memusage

GNU C Library

pkgs.glibcLocalesUtf8

Locale information for the GNU C Library

pkgs.unixtools.getent

None

pkgs.unixtools.locale

None

pkgs.unixtools.getconf

None

pkgs.tests.hardeningFlags.glibcxxassertionsStdenvUnsupp

None

  • nixos-unstable -
    • nixpkgs-unstable

pkgs.tests.hardeningFlags.glibcxxassertionsExplicitEnabled

None

  • nixos-unstable -
    • nixpkgs-unstable

pkgs.tests.hardeningFlags-gcc.glibcxxassertionsStdenvUnsupp

None

  • nixos-unstable -
    • nixpkgs-unstable

pkgs.tests.hardeningFlags.glibcxxassertionsExplicitDisabled

None

  • nixos-unstable -
    • nixpkgs-unstable

pkgs.tests.hardeningFlags-clang.glibcxxassertionsStdenvUnsupp

None

  • nixos-unstable -
    • nixpkgs-unstable

pkgs.tests.hardeningFlags-gcc.glibcxxassertionsExplicitEnabled

None

  • nixos-unstable -
    • nixpkgs-unstable

pkgs.tests.hardeningFlags-gcc.glibcxxassertionsExplicitDisabled

None

  • nixos-unstable -
    • nixpkgs-unstable

pkgs.tests.hardeningFlags-clang.glibcxxassertionsExplicitEnabled

None

  • nixos-unstable -
    • nixpkgs-unstable

pkgs.tests.hardeningFlags-clang.glibcxxassertionsExplicitDisabled

None

  • nixos-unstable -
    • nixpkgs-unstable

Package maintainers