{
  "threat_severity" : "Moderate",
  "public_date" : "2022-03-01T00:00:00Z",
  "bugzilla" : {
    "description" : "glibc: potential use-after-free in gaih_inet()",
    "id" : "2237798",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2237798"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.9",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-416",
  "details" : [ "A flaw has been identified in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge.", "A flaw has been identified in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge." ],
  "statement" : "This issue is only exploitable when the condition detailed in the description is present in the system. However, all glibc versions shipped in Red Hat Enterprise Linux are vulnerable to this issue.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2023-10-05T00:00:00Z",
    "advisory" : "RHSA-2023:5455",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8",
    "package" : "glibc-0:2.28-225.el8_8.6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2023-10-05T00:00:00Z",
    "advisory" : "RHSA-2023:5455",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "glibc-0:2.28-225.el8_8.6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.6 Extended Update Support",
    "release_date" : "2023-11-21T00:00:00Z",
    "advisory" : "RHSA-2023:7409",
    "cpe" : "cpe:/a:redhat:rhel_eus:8.6",
    "package" : "glibc-0:2.28-189.8.el8_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2024-04-30T00:00:00Z",
    "advisory" : "RHBA-2024:2413",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "glibc-0:2.34-100.el9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2023-10-05T00:00:00Z",
    "advisory" : "RHSA-2023:5453",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "glibc-0:2.34-60.el9_2.7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2024-04-30T00:00:00Z",
    "advisory" : "RHBA-2024:2413",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "glibc-0:2.34-100.el9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2023-10-05T00:00:00Z",
    "advisory" : "RHSA-2023:5453",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "glibc-0:2.34-60.el9_2.7"
  }, {
    "product_name" : "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
    "release_date" : "2023-11-21T00:00:00Z",
    "advisory" : "RHSA-2023:7409",
    "cpe" : "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
    "package" : "glibc-0:2.28-189.8.el8_6"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "compat-glibc",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "glibc",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Will not fix",
    "package_name" : "compat-glibc",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Will not fix",
    "package_name" : "glibc",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2023-4813\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-4813" ],
  "name" : "CVE-2023-4813",
  "mitigation" : {
    "value" : "Removing the \"SUCCESS=continue\" or \"SUCCESS=merge\" configuration from the hosts database in /etc/nsswitch.conf will mitigate this vulnerability.\nNote that these options are not supported by the hosts database; if they appeared to work before, it was because of this bug.",
    "lang" : "en:us"
  },
  "csaw" : false
}