CVE-2023-4911

ADVISORY - nist

Summary

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.

EPSS Score⁠: 0.78156 (0.990)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-122⁠

Heap-based Buffer Overflow

CWE-787⁠

Out-of-bounds Write

ADVISORY - redhat

CWE-122⁠

Heap-based Buffer Overflow

Impacted images

Advisories

NIST

CREATED

2 years ago

UPDATED

3 months ago

ADVISORY IDCVE-2023-4911⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-122⁠CWE-787⁠

CVSS SCORE

7.8high

Debian

CREATED

2 years ago

UPDATED

16 days ago

ADVISORY IDCVE-2023-4911⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

2 years ago

UPDATED

5 months ago

ADVISORY IDCVE-2023-4911⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.8high

Alma

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY IDALSA-2023:5453⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Alma

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY IDALSA-2023:5455⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Amazon

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY IDALAS2023-2023-359⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Red Hat

CREATED

2 years ago

UPDATED

5 months ago

ADVISORY IDCVE-2023-4911⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-122⁠

CVSS SCORE

7.8high

Rocky

CREATED

2 years ago

UPDATED

5 months ago

ADVISORY IDRLSA-2023:5455⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY IDELSA-2023-12850⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY IDELSA-2023-12851⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY IDELSA-2023-12853⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY IDELSA-2023-12854⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY IDELSA-2023-12872⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY IDELSA-2023-12873⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY IDELSA-2023-5453⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY IDELSA-2023-5455⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Chainguard

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY ID

CGA-57wh-hj4x-5342

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

intheWild

CREATED

2 years ago

UPDATED

5 months ago

ADVISORY IDCVE-2023-4911⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

CISA

CREATED

2 years ago

UPDATED

4 months ago

ADVISORY ID

CVE-2023-4911

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY