CVE-2023-4806
Last modified
CVE-2023-4806 is a medium-severity vulnerability rated 5.9/10 on the CVSS scale. A flaw has been identified in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. EPSS estimates a 1.44% chance of exploitation in the next 30 days.
Description
A flaw has been identified in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.
Metrics
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Gnu | Glibc | 2.33 |
| Redhat | Codeready Linux Builder Eus | 9.2 |
| Redhat | Codeready Linux Builder Eus For Power Little Endian | 9.0_ppc64le |
| Redhat | Codeready Linux Builder Eus For Power Little Endian Eus | 9.2_ppc64le |
| Redhat | Codeready Linux Builder For Arm64 | 9.0_aarch64 |
| Redhat | Codeready Linux Builder For Arm64 Eus | 9.2_aarch64 |
| Redhat | Codeready Linux Builder For Ibm Z Systems | 9.0_s390x |
| Redhat | Codeready Linux Builder For Ibm Z Systems Eus | 9.2_s390x |
| Redhat | Enterprise Linux | 7.0 |
| Redhat | Enterprise Linux | 8.0 |
| Redhat | Enterprise Linux | 9.0 |
| Redhat | Enterprise Linux Eus | 8.8 |
| Redhat | Enterprise Linux Eus | 9.2 |
| Redhat | Enterprise Linux For Arm 64 | 9.0_aarch64 |
| Redhat | Enterprise Linux For Arm 64 Eus | 9.2_aarch64 |
| Redhat | Enterprise Linux For Ibm Z Systems | 8.0_s390x |
| Redhat | Enterprise Linux For Ibm Z Systems Eus | 8.8_s390x |
| Redhat | Enterprise Linux For Ibm Z Systems Eus S390x | 9.2 |
| Redhat | Enterprise Linux For Ibm Z Systems S390x | 9.2 |
| Redhat | Enterprise Linux For Power Little Endian | 8.0_ppc64le |
| Redhat | Enterprise Linux For Power Little Endian | 9.2_ppc64le |
| Redhat | Enterprise Linux For Power Little Endian Eus | 8.8_ppc64le |
| Redhat | Enterprise Linux For Power Little Endian Eus | 9.2_ppc64le |
| Redhat | Enterprise Linux Server Aus | 9.2 |
| Redhat | Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions | 9.2_ppc64le |
| Redhat | Enterprise Linux Tus | 8.8 |
| Fedoraproject | Fedora | 37 |
| Fedoraproject | Fedora | 38 |
| Fedoraproject | Fedora | 39 |
References
- https://access.redhat.com/errata/RHSA-2023:5453Third Party Advisory
- https://access.redhat.com/errata/RHSA-2023:5455Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2023-4806Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2237782Issue Tracking, Third Party Advisory
- https://access.redhat.com/errata/RHSA-2023:5453Third Party Advisory
- https://access.redhat.com/errata/RHSA-2023:5455Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2023-4806Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2237782Issue Tracking, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2023-4806?
How severe is CVE-2023-4806?
How do I fix CVE-2023-4806?
Are you affected by CVE-2023-4806?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST