Vulnerability Description
A flaw has been identified in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Gnu | Glibc | 2.33 |
| Redhat | Codeready Linux Builder Eus | 9.2 |
| Redhat | Codeready Linux Builder Eus For Power Little Endian | 9.0_ppc64le |
| Redhat | Codeready Linux Builder Eus For Power Little Endian Eus | 9.2_ppc64le |
| Redhat | Codeready Linux Builder For Arm64 | 9.0_aarch64 |
| Redhat | Codeready Linux Builder For Arm64 Eus | 9.2_aarch64 |
| Redhat | Codeready Linux Builder For Ibm Z Systems | 9.0_s390x |
| Redhat | Codeready Linux Builder For Ibm Z Systems Eus | 9.2_s390x |
| Redhat | Enterprise Linux | 7.0 |
| Redhat | Enterprise Linux Eus | 8.8 |
| Redhat | Enterprise Linux For Arm 64 | 9.0_aarch64 |
| Redhat | Enterprise Linux For Arm 64 Eus | 9.2_aarch64 |
| Redhat | Enterprise Linux For Ibm Z Systems | 8.0_s390x |
| Redhat | Enterprise Linux For Ibm Z Systems Eus | 8.8_s390x |
| Redhat | Enterprise Linux For Ibm Z Systems Eus S390X | 9.2 |
| Redhat | Enterprise Linux For Ibm Z Systems S390X | 9.2 |
| Redhat | Enterprise Linux For Power Little Endian | 8.0_ppc64le |
| Redhat | Enterprise Linux For Power Little Endian Eus | 8.8_ppc64le |
| Redhat | Enterprise Linux Server Aus | 9.2 |
| Redhat | Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions | 9.2_ppc64le |
Related Weaknesses (CWE)
References
- https://access.redhat.com/errata/RHBA-2024:2413
- https://access.redhat.com/errata/RHSA-2023:5453Third Party Advisory
- https://access.redhat.com/errata/RHSA-2023:5455Third Party Advisory
- https://access.redhat.com/errata/RHSA-2023:7409
- https://access.redhat.com/security/cve/CVE-2023-4806Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2237782Issue TrackingThird Party Advisory
- http://www.openwall.com/lists/oss-security/2023/10/03/4
- http://www.openwall.com/lists/oss-security/2023/10/03/5
- http://www.openwall.com/lists/oss-security/2023/10/03/6
- http://www.openwall.com/lists/oss-security/2023/10/03/8
- https://access.redhat.com/errata/RHSA-2023:5453Third Party Advisory
- https://access.redhat.com/errata/RHSA-2023:5455Third Party Advisory
- https://access.redhat.com/errata/RHSA-2023:7409
- https://access.redhat.com/security/cve/CVE-2023-4806Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2237782Issue TrackingThird Party Advisory
FAQ
What is CVE-2023-4806?
CVE-2023-4806 is a vulnerability with a CVSS score of 5.9 (MEDIUM). A flaw has been identified in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable w...
How severe is CVE-2023-4806?
CVE-2023-4806 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-4806?
Check the references section above for vendor advisories and patch information. Affected products include: Gnu Glibc, Redhat Codeready Linux Builder Eus, Redhat Codeready Linux Builder Eus For Power Little Endian, Redhat Codeready Linux Builder Eus For Power Little Endian Eus, Redhat Codeready Linux Builder For Arm64.