Fedora, Ubuntu, and Debian are the systems most at risk from the bug. It's found in the GNU C Library (glibc) in the GNU system, which is found in most systems running the Linux kernel.
More information is available in our blog post here.
CVE-2023-4911
Published Oct 3, 2023
·
Last updated a month ago
Description
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.
Insights
Analysis from the Intruder Security Team Published Oct 15, 2024
Risk scores
CVSS 3.1
- Primary
- 7.8
- 5.9
- 1.8
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- HIGH
Known exploits
Data from CISA
GNU C Library Buffer Overflow Vulnerability
Nov 21, 2023
Dec 12, 2023
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Source
secalert@redhat.com
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "71609239-5262-473E-ACCE-18AE51AB184E",
"versionEndExcluding": "2.39",
"versionStartIncluding": "2.34"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_eus:8.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8BE16CC2-C6B4-4B73-98A1-F28475A92F49"
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:8.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FB1DF28D-0D84-4E40-8E46-BA0EFD371111"
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:8.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3C1A0CA2-2BBD-4A7A-B467-F456867D5EC6"
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "845B853C-8F99-4987-AA8E-76078CE6A977"
},
{
"criteria": "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6BBD7A51-0590-4DDF-8249-5AFA8D645CB6"
},
{
"criteria": "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BB28F9AF-3D06-4532-B397-96D7E4792503"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6C3741B8-851F-475D-B428-523F4F722350"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.6_aarch64:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "37B7CE5C-BFEA-4F96-9759-D511EF189059"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus_s390x:8.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B2C0ED62-9DEE-437C-AC01-0173128259DB"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:8.6_ppc64le:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A633E21A-EBAA-41C9-A009-A36BDC762464"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "76C24D94-834A-4E9D-8F73-624AFA99AAA2"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1272DF03-7674-4BD4-8E64-94004B195448"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*",
"vulnerable": true,
"matchCriteriaId": "359012F1-2C63-415A-88B8-6726A87830DE"
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:23.04:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B2E702D7-F8C0-49BF-9FFB-883017076E98"
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C"
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:13.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "204FC6CC-9DAC-45FB-8A9F-C9C8EDD29D54"
}
],
"operator": "OR"
}
]
}
]