Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-RU-2023:4063-1

Опубликовано: 12 окт. 2023
Источник: suse-cvrf

Описание

Recommended update for glibc

This update of glibc fixes the following issues:

Security issue fixed:

  • CVE-2023-4813: Fixed a potential use-after-free in gaih_inet() (bsc#1215286, BZ #28931)

Other issues fixed:

  • S390: Fix relocation of _nl_current_LC_CATETORY_used in static build (bsc#1215504, BZ #19860)
  • added GB18030-2022 charmap (jsc#PED-4908, BZ #30243)

Список пакетов

Container suse/ltss/sle12.5/sles12sp5:latest
glibc-2.22-114.31.1
Container suse/sles12sp5:latest
glibc-2.22-114.31.1
Image SLES12-SP5-Azure-BYOS
glibc-2.22-114.31.1
glibc-i18ndata-2.22-114.31.1
glibc-locale-2.22-114.31.1
nscd-2.22-114.31.1
Image SLES12-SP5-Azure-Basic-On-Demand
glibc-2.22-114.31.1
glibc-i18ndata-2.22-114.31.1
glibc-locale-2.22-114.31.1
nscd-2.22-114.31.1
Image SLES12-SP5-Azure-HPC-BYOS
glibc-2.22-114.31.1
glibc-32bit-2.22-114.31.1
glibc-devel-2.22-114.31.1
glibc-i18ndata-2.22-114.31.1
glibc-locale-2.22-114.31.1
nscd-2.22-114.31.1
Image SLES12-SP5-Azure-HPC-On-Demand
glibc-2.22-114.31.1
glibc-32bit-2.22-114.31.1
glibc-devel-2.22-114.31.1
glibc-i18ndata-2.22-114.31.1
glibc-locale-2.22-114.31.1
nscd-2.22-114.31.1
Image SLES12-SP5-Azure-SAP-BYOS
glibc-2.22-114.31.1
glibc-i18ndata-2.22-114.31.1
glibc-locale-2.22-114.31.1
nscd-2.22-114.31.1
Image SLES12-SP5-Azure-SAP-On-Demand
glibc-2.22-114.31.1
glibc-i18ndata-2.22-114.31.1
glibc-locale-2.22-114.31.1
nscd-2.22-114.31.1
Image SLES12-SP5-Azure-Standard-On-Demand
glibc-2.22-114.31.1
glibc-i18ndata-2.22-114.31.1
glibc-locale-2.22-114.31.1
nscd-2.22-114.31.1
Image SLES12-SP5-EC2-BYOS
glibc-2.22-114.31.1
glibc-i18ndata-2.22-114.31.1
glibc-locale-2.22-114.31.1
nscd-2.22-114.31.1
Image SLES12-SP5-EC2-ECS-On-Demand
glibc-2.22-114.31.1
glibc-locale-2.22-114.31.1
nscd-2.22-114.31.1
Image SLES12-SP5-EC2-On-Demand
glibc-2.22-114.31.1
glibc-i18ndata-2.22-114.31.1
glibc-locale-2.22-114.31.1
nscd-2.22-114.31.1
Image SLES12-SP5-EC2-SAP-BYOS
glibc-2.22-114.31.1
glibc-i18ndata-2.22-114.31.1
glibc-locale-2.22-114.31.1
nscd-2.22-114.31.1
Image SLES12-SP5-EC2-SAP-On-Demand
glibc-2.22-114.31.1
glibc-i18ndata-2.22-114.31.1
glibc-locale-2.22-114.31.1
nscd-2.22-114.31.1
Image SLES12-SP5-GCE-BYOS
glibc-2.22-114.31.1
glibc-i18ndata-2.22-114.31.1
glibc-locale-2.22-114.31.1
nscd-2.22-114.31.1
Image SLES12-SP5-GCE-On-Demand
glibc-2.22-114.31.1
glibc-i18ndata-2.22-114.31.1
glibc-locale-2.22-114.31.1
nscd-2.22-114.31.1
Image SLES12-SP5-GCE-SAP-BYOS
glibc-2.22-114.31.1
glibc-i18ndata-2.22-114.31.1
glibc-locale-2.22-114.31.1
nscd-2.22-114.31.1
Image SLES12-SP5-GCE-SAP-On-Demand
glibc-2.22-114.31.1
glibc-i18ndata-2.22-114.31.1
glibc-locale-2.22-114.31.1
nscd-2.22-114.31.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
glibc-2.22-114.31.1
glibc-32bit-2.22-114.31.1
glibc-devel-2.22-114.31.1
glibc-i18ndata-2.22-114.31.1
glibc-locale-2.22-114.31.1
nscd-2.22-114.31.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
glibc-2.22-114.31.1
glibc-32bit-2.22-114.31.1
glibc-devel-2.22-114.31.1
glibc-i18ndata-2.22-114.31.1
glibc-locale-2.22-114.31.1
nscd-2.22-114.31.1
SUSE Linux Enterprise Server 12 SP5
glibc-2.22-114.31.1
glibc-32bit-2.22-114.31.1
glibc-devel-2.22-114.31.1
glibc-devel-32bit-2.22-114.31.1
glibc-html-2.22-114.31.1
glibc-i18ndata-2.22-114.31.1
glibc-info-2.22-114.31.1
glibc-locale-2.22-114.31.1
glibc-locale-32bit-2.22-114.31.1
glibc-profile-2.22-114.31.1
glibc-profile-32bit-2.22-114.31.1
nscd-2.22-114.31.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
glibc-2.22-114.31.1
glibc-32bit-2.22-114.31.1
glibc-devel-2.22-114.31.1
glibc-devel-32bit-2.22-114.31.1
glibc-html-2.22-114.31.1
glibc-i18ndata-2.22-114.31.1
glibc-info-2.22-114.31.1
glibc-locale-2.22-114.31.1
glibc-locale-32bit-2.22-114.31.1
glibc-profile-2.22-114.31.1
glibc-profile-32bit-2.22-114.31.1
nscd-2.22-114.31.1
SUSE Linux Enterprise Software Development Kit 12 SP5
glibc-devel-static-2.22-114.31.1
glibc-info-2.22-114.31.1

Ссылки

Описание

A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge.

Затронутые продукты
Container suse/ltss/sle12.5/sles12sp5:latest:glibc-2.22-114.31.1
Container suse/sles12sp5:latest:glibc-2.22-114.31.1
Image SLES12-SP5-Azure-BYOS:glibc-2.22-114.31.1
Image SLES12-SP5-Azure-BYOS:glibc-i18ndata-2.22-114.31.1
Ссылки
Уязвимость SUSE-RU-2023:4063-1