CVE-2023-4527

ADVISORY - nist

Summary

A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash.

EPSS Score⁠: 0.00105 (0.292)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-121⁠

Stack-based Buffer Overflow

CWE-125⁠

Out-of-bounds Read

ADVISORY - redhat

CWE-121⁠

Stack-based Buffer Overflow

Impacted images

Advisories

NIST

CREATED

2 years ago

UPDATED

9 months ago

ADVISORY IDCVE-2023-4527⁠

EXPLOITABILITY SCORE

2.2

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-121⁠CWE-125⁠

CVSS SCORE

6.5medium

Debian

CREATED

2 years ago

UPDATED

7 days ago

ADVISORY IDCVE-2023-4527⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

2 years ago

UPDATED

5 months ago

ADVISORY IDCVE-2023-4527⁠

EXPLOITABILITY SCORE

2.2

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

6.5medium

Alma

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY IDALSA-2023:5453⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Alma

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY IDALSA-2023:5455⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Amazon

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY IDALAS2023-2023-359⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Red Hat

CREATED

2 years ago

UPDATED

5 months ago

ADVISORY IDCVE-2023-4527⁠

EXPLOITABILITY SCORE

2.2

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-121⁠

CVSS SCORE

6.5medium

Rocky

CREATED

2 years ago

UPDATED

6 months ago

ADVISORY IDRLSA-2023:5455⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY IDELSA-2023-12872⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY IDELSA-2023-12873⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY IDELSA-2023-5453⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY IDELSA-2023-5455⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Chainguard

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY ID

CGA-49g3-q5cv-7m6g

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Photon

CREATED

9 months ago

UPDATED

2 months ago

ADVISORY ID

CVE-2023-4527

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

6.5medium

intheWild

CREATED

6 months ago

UPDATED

6 months ago

ADVISORY IDCVE-2023-4527⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY