First published: Mon Sep 11 2023(Updated: )
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.
Credit: secalert@redhat.com secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
GNU glibc | ||
Fedoraproject Fedora | =37 | |
Fedoraproject Fedora | =38 | |
Fedoraproject Fedora | =39 | |
Redhat Virtualization | =4.0 | |
Redhat Enterprise Linux | =8.0 | |
Redhat Enterprise Linux | =9.0 | |
ubuntu/glibc | <2.35-0ubuntu3.4 | 2.35-0ubuntu3.4 |
ubuntu/glibc | <2.37-0ubuntu2.1 | 2.37-0ubuntu2.1 |
ubuntu/glibc | <2.38-1ubuntu6 | 2.38-1ubuntu6 |
debian/glibc | <=2.31-13+deb11u6 | 2.28-10+deb10u1 2.28-10+deb10u2 2.31-13+deb11u7 2.36-9+deb12u3 2.37-12 2.37-13 |
GNU C Library (glibc) | =2.37 | |
GNU C Library (glibc) | =2.36 | |
redhat/glibc | <2.39 | 2.39 |
GNU GNU C Library | ||
GNU glibc | >=2.34<2.39 | |
Redhat Codeready Linux Builder Eus | =8.6 | |
Redhat Codeready Linux Builder For Arm64 Eus | =8.6 | |
Redhat Codeready Linux Builder For Ibm Z Systems Eus | =8.6 | |
Redhat Codeready Linux Builder For Power Little Endian Eus | =8.6 | |
Redhat Virtualization Host | =4.0 | |
Redhat Enterprise Linux Eus | =8.6 | |
Redhat Enterprise Linux For Arm 64 Eus | =8.6_aarch64 | |
Redhat Enterprise Linux For Ibm Z Systems Eus S390x | =8.6 | |
Redhat Enterprise Linux For Power Big Endian Eus | =8.6_ppc64le | |
Redhat Enterprise Linux Server Aus | =8.6 | |
Redhat Enterprise Linux Server Tus | =8.6 | |
Canonical Ubuntu Linux | =22.04 | |
Canonical Ubuntu Linux | =23.04 | |
Debian Debian Linux | =12.0 | |
Debian Debian Linux | =13.0 | |
>=2.34<2.39 | ||
=37 | ||
=38 | ||
=39 | ||
=8.6 | ||
=8.6 | ||
=8.6 | ||
=8.6 | ||
=4.0 | ||
=4.0 | ||
=8.0 | ||
=9.0 | ||
=8.6 | ||
=8.6_aarch64 | ||
=8.6 | ||
=8.6_ppc64le | ||
=8.6 | ||
=8.6 | ||
=22.04 | ||
=23.04 | ||
=12.0 | ||
=13.0 |
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2023-4911 is a vulnerability in the GNU C Library's dynamic loader ld.so, which allows a local attacker to escalate privileges on the system.
CVE-2023-4911 has a severity score of 7.8 (High).
CVE-2023-4911 affects glibc versions 2.35-0ubuntu3.4 and 2.37-0ubuntu2.1 on Ubuntu, and versions 2.28-10+deb10u1, 2.28-10+deb10u2, 2.31-13+deb11u7, and 2.36-9+deb12u3 on Debian.
A local attacker can exploit CVE-2023-4911 by using maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission, allowing them to execute arbitrary code.
To fix CVE-2023-4911, update glibc to the recommended versions provided by the vendor or distribution, such as version 2.35-0ubuntu3.4 for Ubuntu or version 2.31-13+deb11u7 for Debian.