CVE-2023-4527
CVSS 3.1 Score 6.5 of 10 (medium)
Details
Published Sep 18, 2023
Updated: Dec 28, 2023
CWE ID 125
CWE ID 121
Summary
CVE-2023-4527: A vulnerability was discovered in the getaddrinfo function of glibc. When the system is configured with no-aaaa mode in /etc/resolv.conf and receives a larger than expected DNS response via TCP using AF_UNSPEC address family, the function may disclose stack contents through the returned address data, potentially causing a crash.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Gnu Glibc
- Red Hat Enterprise Linux
- Fedora Operating System
- Redhat Enterprise Linux For Ibm Z Systems
Affected Vendors
- Red Hat
- Fedora Project
Advisories, Assessments, and Mitigations
Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future
Note: This is just a basic overview providing quick insights into CVE-2023-4527 information. Gain full access to comprehensive CVE data, third party vulnerabilities, compromised credentials and more with Recorded Future
- Gain complete coverage of your cyber, third party, and physical attack surface
- Proactively mitigate threats before they turn into costly attacks
- Make fast, effective, data-driven decisions