[Git][security-tracker-team/security-tracker][master] 3 commits: Add CVE-2023-4911/glibc
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Oct 3 18:20:11 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3c4ad9da by Salvatore Bonaccorso at 2023-10-03T19:02:28+02:00
Add CVE-2023-4911/glibc
- - - - -
2ef48767 by Salvatore Bonaccorso at 2023-10-03T19:03:11+02:00
Track glibc fixes previously pending for bookworm-pu
- - - - -
f7104b66 by Salvatore Bonaccorso at 2023-10-03T19:06:34+02:00
Add upstream commit reference for CVE-2023-4911
- - - - -
2 changed files:
- data/CVE/list
- data/next-point-update.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,8 @@
+CVE-2023-4911 [buffer overflow in dynamic loader's processing of the GLIBC_TUNABLES environment variable]
+ - glibc <unfixed>
+ [buster] - glibc <not-affected> (Vulnerable code introduced later)
+ NOTE: Fixed by: https://sourceware.org/git/?p=glibc.git;a=commit;h=1056e5b4c3f2d90ed2b4a55f96add28da2f4c8fa
+ NOTE: https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt
CVE-2023-43789 [libXpm: out of bounds read on XPM with corrupted colormap]
- libxpm <unfixed>
NOTE: https://www.openwall.com/lists/oss-security/2023/10/03/1
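Review bot: the new CVE-2023-4911 entry records a suite annotation only for buster, leaving bookworm and bullseye to fall through to the generic `glibc <unfixed>` line; since the linked Qualys advisory describes a local privilege escalation in ld.so, an explicit `[bookworm]` / `[bullseye]` line (fixed version, or `<postponed>` / DSA-pending state) would make the exposure of the supported suites visible in the tracker rather than implicit. The `Fixed by:` NOTE also omits the upstream release tag that other entries in this file carry (compare the `(glibc-2.36)` suffix on the CVE-2023-4813 line just below); appending the release the commit `1056e5b4c3f2d90ed2b4a55f96add28da2f4c8fa` first shipped in, once known, keeps the two glibc entries consistent.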
@@ -2724,13 +2729,14 @@ CVE-2023-4813 (A flaw was found in glibc. In an uncommon situation, the gaih_ine
NOTE: Fixed by: https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=1c37b8022e8763fedbb3f79c02e05c6acfe5a215 (glibc-2.36)
CVE-2023-4806 (A flaw was found in glibc. In an extremely rare situation, the getaddr ...)
- glibc 2.37-10
- [bookworm] - glibc <no-dsa> (Minor issue)
+ [bookworm] - glibc 2.36-9+deb12u3
[bullseye] - glibc <no-dsa> (Minor issue)
[buster] - glibc <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=30843
NOTE: When fixing this issue in older releases make sure to not open CVE-2023-5156.
CVE-2023-4527 (A flaw was found in glibc. When the getaddrinfo function is called wit ...)
- glibc 2.37-9 (bug #1051958)
+ [bookworm] - glibc 2.36-9+deb12u3
[bullseye] - glibc <not-affected> (Vulnerable code not present)
[buster] - glibc <not-affected> (Vulnerable code not present)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=30842
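Review bot: the bookworm status for CVE-2023-4806 moves from `<no-dsa> (Minor issue)` to `glibc 2.36-9+deb12u3`, but the existing NOTE on the same entry warns that fixing this issue in older releases must not reopen CVE-2023-5156, and nothing in the hunk records that 2.36-9+deb12u3 was checked against that regression. A short NOTE on the CVE-2023-4806 entry stating that the bookworm upload carries the CVE-2023-5156 follow-up fix (or a cross-reference to that entry) would let a later reader verify the claim without re-deriving it. Note also that the version recorded here, `2.36-9+deb12u3`, differs from the `2.36-9+deb12u2` that was previously tracked for these two CVEs in data/next-point-update.txt; the commit message should say why the pending version was bumped.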
=====================================
data/next-point-update.txt
=====================================
@@ -57,10 +57,6 @@ CVE-2023-38039
[bookworm] - curl 7.88.1-10+deb12u3
CVE-2023-43770
[bookworm] - roundcube 1.6.3+dfsg-1~deb12u1
-CVE-2023-4527
- [bookworm] - glibc 2.36-9+deb12u2
-CVE-2023-4806
- [bookworm] - glibc 2.36-9+deb12u2
CVE-2023-38559
[bookworm] - ghostscript 10.0.0~dfsg-11+deb12u2
CVE-2023-43115
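Review bot: this hunk drops the CVE-2023-4527 and CVE-2023-4806 lines from next-point-update.txt, which is correct only if their fixes are now tracked elsewhere; the removed lines name `2.36-9+deb12u2`, whereas data/CVE/list in the same push records `2.36-9+deb12u3`, so please confirm that deb12u3 is the upload actually accepted for bookworm (point release or DSA) before the deb12u2 reference is lost. If deb12u3 is instead still pending, the entries belong back in this file with the corrected version rather than removed.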
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/170cf61c22811f68a6ccea95598950302780ebab...f7104b6649fb096a878bc147c12bd2972c275066