Safety-relevant information:
Impact of the vulnerability CVE-2023-4911 on our products
I. Vulnerability summary
Publication date:
22.11.2023
Beschreibung:
CVE-2023-4911: A buffer overflow was discovered in the dynamic loader ld.so of the C standard library GNU C Library while processing the environment variable GLIBC_TUNABLES. This might allow a local attacker to use hostile GLIBC_TUNABLES environment variables. This happens when they launch binaries with SUID authorisation to execute code with elevated privileges.
Impact on our products:
The vulnerability does not affect developed and offered products and services of TA Triumph-Adler.
22.11.2023
Beschreibung:
CVE-2023-4911: A buffer overflow was discovered in the dynamic loader ld.so of the C standard library GNU C Library while processing the environment variable GLIBC_TUNABLES. This might allow a local attacker to use hostile GLIBC_TUNABLES environment variables. This happens when they launch binaries with SUID authorisation to execute code with elevated privileges.
Impact on our products:
The vulnerability does not affect developed and offered products and services of TA Triumph-Adler.