GNU C Library
I. Summary of the security vulnerability
Product: GNU C Library
Description:
CVE-2023-4911:A buffer overflow was detected in the dynamic loader ld.so of the C standard library GNU C Library during the processing of the environment variable GLIBC_TUNABLES. This could allow a local attacker to use hostile GLIBC_TUNABLES environment variables. This happens when they launch binaries with SUID authorization to execute code with elevated privileges.
II. Effects on our products
The vulnerability does not affect any products or services developed or offered by UTAX.
Product: GNU C Library
Description:
CVE-2023-4911:A buffer overflow was detected in the dynamic loader ld.so of the C standard library GNU C Library during the processing of the environment variable GLIBC_TUNABLES. This could allow a local attacker to use hostile GLIBC_TUNABLES environment variables. This happens when they launch binaries with SUID authorization to execute code with elevated privileges.
II. Effects on our products
The vulnerability does not affect any products or services developed or offered by UTAX.