CVE-2023-4911

Published: 03 Oct 2023
Source: ubuntu
Priority: high
EPSS: High
CVSS3: 7.8

Description

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.

Release                  Status        Note
bionic                   DNE
devel                    DNE
esm-infra-legacy/trusty  not-affected  code not present
esm-infra/focal          DNE
focal                    DNE
jammy                    DNE
lunar                    DNE
mantic                   DNE
noble                    DNE
trusty                   ignored       end of standard support

Release            Status        Note
bionic             ignored       end of standard support
devel              released      2.38-1ubuntu6
esm-infra/bionic   not-affected  code not present
esm-infra/focal    not-affected  code not present
esm-infra/xenial   not-affected  code not present
focal              not-affected  code not present
jammy              released      2.35-0ubuntu3.4
lunar              released      2.37-0ubuntu2.1
mantic             released      2.38-1ubuntu6
noble              released      2.38-1ubuntu6

EPSS: 0.75468 (percentile: 99%), High

CVSS3: 7.8 High

Related vulnerabilities

CVSS3: 7.8
redhat
more than 1 year ago

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.

CVSS3: 7.8
nvd
more than 1 year ago

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.

CVSS3: 7.8
msrc
more than 1 year ago

No description available

CVSS3: 7.8
debian
more than 1 year ago

A buffer overflow was discovered in the GNU C Library's dynamic loader ...

CVSS3: 7.8
github
more than 1 year ago

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.
