Fluid Attacks Database

Description

A flaw has been identified in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 14	glibc	>=0 <2.36-3	2.36-3
debian 11	glibc	=2.31-13 \|\| =2.31-13+deb11u1 \|\| =2.31-13+deb11u10 \|\| =2.31-13+deb11u11 \|\| =2.31-13+deb11u12 \|\| =2.31-13+deb11u13 \|\| =2.31-13+deb11u2 \|\| =2.31-13+deb11u3 \|\| =2.31-13+deb11u4 \|\| =2.31-13+deb11u5 \|\| =2.31-13+deb11u6 \|\| =2.31-13+deb11u7 \|\| =2.31-13+deb11u8 \|\| =2.31-13+deb11u9 \|\| =2.31-13+hurd.1 \|\| =2.31-13+hurd.2 \|\| =2.31-13+hurd.3 \|\| =2.31-13+qemu \|\| =2.31-14 \|\| =2.31-15 \|\| =2.31-16 \|\| =2.31-17 \|\| =2.31-17~0 \|\| =2.31-18~0 \|\| =2.32-0experimental0 \|\| =2.32-0experimental1 \|\| =2.32-1 \|\| =2.32-2 \|\| =2.32-2+qemu \|\| =2.32-3 \|\| =2.32-4 \|\| =2.32-5 \|\| =2.33-0experimental0 \|\| =2.33-0experimental1 \|\| =2.33-0experimental2 \|\| =2.33-0experimental3 \|\| =2.33-1 \|\| =2.33-1+qemu \|\| =2.33-2 \|\| =2.33-2+qemu \|\| =2.33-2+qemu1 \|\| =2.33-2~0 \|\| =2.33-2~1 \|\| =2.33-2~2 \|\| =2.33-2~3 \|\| =2.33-3 \|\| =2.33-3~0 \|\| =2.33-4 \|\| =2.33-5 \|\| =2.33-6 \|\| =2.33-7 \|\| =2.33-8 \|\| =2.33-8~0 \|\| =2.34-0experimental0 \|\| =2.34-0experimental1 \|\| =2.34-0experimental2 \|\| =2.34-0experimental3 \|\| =2.34-0experimental4 \|\| =2.34-0experimental5 \|\| =2.34-1 \|\| =2.34-2 \|\| =2.34-3 \|\| =2.34-4 \|\| =2.34-5 \|\| =2.34-5~0 \|\| =2.34-6 \|\| =2.34-7 \|\| =2.34-7+qemu \|\| =2.34-8 \|\| =2.34-8~0 \|\| =2.34-9~0 \|\| =2.35-0experimental0 \|\| =2.35-0experimental1 \|\| =2.35-0experimental2 \|\| =2.35-0experimental3 \|\| =2.35-0experimental3+qemu \|\| =2.35-1 \|\| =2.35-1+sparc64 \|\| =2.35-2 \|\| =2.35-3 \|\| =2.35-4 \|\| =2.36-1 \|\| =2.36-10~0 \|\| =2.36-2 \|\| =2.36-3 \|\| =2.36-4 \|\| =2.36-4+ports \|\| =2.36-5 \|\| =2.36-6 \|\| =2.36-7 \|\| =2.36-7~0 \|\| =2.36-7~1 \|\| =2.36-8 \|\| =2.36-8+alpha1 \|\| =2.36-9 \|\| =2.36-9+loong64 \|\| =2.36-9~1 \|\| =2.36-9~2 \|\| =2.36-9~3 \|\| =2.37-1 \|\| =2.37-10 \|\| =2.37-11 \|\| =2.37-12 \|\| =2.37-13 \|\| =2.37-14 \|\| =2.37-15 \|\| =2.37-15.1 \|\| =2.37-15.1+sh4 \|\| =2.37-15~deb13u1 \|\| =2.37-16 \|\| =2.37-17 \|\| =2.37-18 \|\| =2.37-19 \|\| =2.37-2 \|\| =2.37-3 \|\| =2.37-4 \|\| =2.37-5 \|\| =2.37-6 \|\| =2.37-7 \|\| =2.37-8 \|\| =2.37-9 \|\| =2.38-1 \|\| =2.38-10 \|\| =2.38-11 \|\| =2.38-12 \|\| =2.38-12.1 \|\| =2.38-13 \|\| =2.38-14 \|\| =2.38-15~0 \|\| =2.38-15~1 \|\| =2.38-2 \|\| =2.38-3 \|\| =2.38-4 \|\| =2.38-5 \|\| =2.38-6 \|\| =2.38-7 \|\| =2.38-7~0+hurd.1 \|\| =2.38-8 \|\| =2.38-9 \|\| =2.39-1 \|\| =2.39-2 \|\| =2.39-3 \|\| =2.39-3.1 \|\| =2.39-4 \|\| =2.39-5 \|\| =2.39-6 \|\| =2.39-6+hurd.1 \|\| =2.39-6+sh4 \|\| =2.39-7 \|\| =2.39-7+sh4 \|\| =2.39-7~0 \|\| =2.39-8~0 \|\| =2.40-1 \|\| =2.40-2 \|\| =2.40-2+sh4 \|\| =2.40-3 \|\| =2.40-3+sh4 \|\| =2.40-4 \|\| =2.40-5 \|\| =2.40-5~hurd.1 \|\| =2.40-6 \|\| =2.40-6~1 \|\| =2.40-7 \|\| =2.41-1 \|\| =2.41-10 \|\| =2.41-11 \|\| =2.41-12 \|\| =2.41-13~hurd.0 \|\| =2.41-13~hurd.1 \|\| =2.41-2 \|\| =2.41-3 \|\| =2.41-4 \|\| =2.41-4~0 \|\| =2.41-5 \|\| =2.41-5~0 \|\| =2.41-6 \|\| =2.41-7 \|\| =2.41-8 \|\| =2.41-8~0 \|\| =2.41-8~1 \|\| =2.41-9 \|\| =2.41-9~0 \|\| =2.41-9~1 \|\| =2.42-1 \|\| =2.42-10 \|\| =2.42-11 \|\| =2.42-12 \|\| =2.42-12~hurd.1 \|\| =2.42-13 \|\| =2.42-14 \|\| =2.42-14~hurd.1 \|\| =2.42-15 \|\| =2.42-15~hurd.1 \|\| =2.42-2 \|\| =2.42-3 \|\| =2.42-4 \|\| =2.42-5 \|\| =2.42-6 \|\| =2.42-7 \|\| =2.42-8 \|\| =2.42-8~hurd.1 \|\| =2.42-8~hurd.2 \|\| =2.42-9 \|\| =2.43-1 \|\| =2.43-2	-
debian 12	glibc	>=0 <2.36-3	2.36-3
debian 13	glibc	>=0 <2.36-3	2.36-3
rpm rhel6	compat-glibc	-	-
rpm rhel7	compat-glibc	-	-
rpm rhel6	glibc	-	-
rpm rhel7	glibc	-	-
rpm rhel8	glibc	<0:2.28-225.el8_8.6	0:2.28-225.el8_8.6
rpm rhel8.6	glibc	<0:2.28-189.8.el8_6	0:2.28-189.8.el8_6

1-10 of 11

Aliases

1. CVE-2023-48132. NVD-2023-48133. OSV-DEBIAN-2023-48134. OSV-2023-48135. SECURITY-TRACKER-CVE-2023-4813

References

1. https://github.com/tnishiox/cve-2023-4813

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.