CVE-2023-4527

A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
redhatCNA
6.5 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 29%
VendorProductVersion
gnuglibc
𝑥
< 2.39
redhatcodeready_linux_builder_eus
9.2
redhatcodeready_linux_builder_eus_for_power_little_endian
9.0_ppc64le:_ppc64le
redhatcodeready_linux_builder_eus_for_power_little_endian_eus
9.2_ppc64le:_ppc64le
redhatcodeready_linux_builder_for_arm64
9.0_aarch64:_aarch64
redhatcodeready_linux_builder_for_arm64_eus
9.2_aarch64:_aarch64
redhatcodeready_linux_builder_for_ibm_z_systems
9.0_s390x:_s390x
redhatcodeready_linux_builder_for_ibm_z_systems_eus
9.2_s390x:_s390x
redhatenterprise_linux
8.0
redhatenterprise_linux
9.0
redhatenterprise_linux_eus
8.8
redhatenterprise_linux_eus
9.2
redhatenterprise_linux_for_arm_64
9.0_aarch64:_aarch64
redhatenterprise_linux_for_arm_64_eus
9.2_aarch64:_aarch64
redhatenterprise_linux_for_ibm_z_systems
8.0_s390x:_s390x
redhatenterprise_linux_for_ibm_z_systems_eus
8.8_s390x:_s390x
redhatenterprise_linux_for_ibm_z_systems_eus_s390x
9.2
redhatenterprise_linux_for_ibm_z_systems_s390x
9.2
redhatenterprise_linux_for_power_little_endian
8.0_ppc64le:_ppc64le
redhatenterprise_linux_for_power_little_endian
9.2_ppc64le:_ppc64le
redhatenterprise_linux_for_power_little_endian_eus
8.8_ppc64le:_ppc64le
redhatenterprise_linux_for_power_little_endian_eus
9.2_ppc64le:_ppc64le
redhatenterprise_linux_server_aus
9.2
redhatenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
9.2_ppc64le:_ppc64le
redhatenterprise_linux_tus
8.8
netapph300s_firmware
-
netapph500s_firmware
-
netapph700s_firmware
-
netapph410s_firmware
-
netapph410c_firmware
-
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
glibc
bullseye
2.31-13+deb11u11
not-affected
buster
not-affected
bullseye (security)
2.31-13+deb11u10
fixed
bookworm
2.36-9+deb12u9
fixed
bookworm (security)
2.36-9+deb12u7
fixed
sid
2.40-4
fixed
trixie
2.40-4
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
eglibc
noble
dne
mantic
dne
lunar
dne
jammy
dne
focal
dne
bionic
dne
xenial
dne
trusty
not-affected
glibc
noble
Fixed 2.38-1ubuntu5
released
mantic
Fixed 2.38-1ubuntu5
released
lunar
Fixed 2.37-0ubuntu2.1
released
jammy
not-affected
focal
not-affected
bionic
not-affected
xenial
not-affected
trusty
ignored
Common Weakness Enumeration
References
https://access.redhat.com/errata/RHSA-2023:5453
https://access.redhat.com/errata/RHSA-2023:5455
https://access.redhat.com/security/cve/CVE-2023-4527
https://bugzilla.redhat.com/show_bug.cgi?id=2234712
http://www.openwall.com/lists/oss-security/2023/09/25/1
https://access.redhat.com/errata/RHSA-2023:5453
https://access.redhat.com/errata/RHSA-2023:5455
https://access.redhat.com/security/cve/CVE-2023-4527
https://bugzilla.redhat.com/show_bug.cgi?id=2234712
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAQWHTSVOCOZ5K6KPIWKRT3JX4RTZUR/
https://security.gentoo.org/glsa/202310-03
https://security.netapp.com/advisory/ntap-20231116-0012/