A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.
Metrics
Affected Vendors & Products
References
History
Tue, 17 Sep 2024 20:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Canonical
Canonical ubuntu Linux Debian Debian debian Linux |
|
CPEs | cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:* cpe:2.3:o:canonical:ubuntu_linux:23.04:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:13.0:*:*:*:*:*:*:* |
|
Vendors & Products |
Canonical
Canonical ubuntu Linux Debian Debian debian Linux |
Mon, 16 Sep 2024 14:45:00 +0000
Wed, 14 Aug 2024 01:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2023-10-03T17:25:08.434Z
Updated: 2024-09-16T13:49:25.654Z
Reserved: 2023-09-12T13:10:32.495Z
Link: CVE-2023-4911
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-10-03T18:15:10.463
Modified: 2024-09-17T19:46:45.837
Link: CVE-2023-4911
Redhat