CVSS: 5.9EPSS: 1%CPEs: 29EXPL: 0CVE-2023-4806 – Glibc: potential use-after-free in getaddrinfo()
https://notcve.org/view.php?id=CVE-2023-4806
18 Sep 2023 — A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL an... • http://www.openwall.com/lists/oss-security/2023/10/03/4 • CWE-416: Use After Free •
CVSS: 6.5EPSS: 1%CPEs: 38EXPL: 1CVE-2023-4527 – Glibc: stack read overflow in getaddrinfo in no-aaaa mode
https://notcve.org/view.php?id=CVE-2023-4527
18 Sep 2023 — A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash. Se encontró una falla en glibc. Cuando se llama a la función getaddrinfo con la familia de direcciones AF_UNSPEC y el sistema está configurado con el modo no-aaaa a través de /etc/resolv.co... • http://www.openwall.com/lists/oss-security/2023/09/25/1 • CWE-121: Stack-based Buffer Overflow CWE-125: Out-of-bounds Read •
CVSS: 5.9EPSS: 2%CPEs: 23EXPL: 1CVE-2023-4813 – Glibc: potential use-after-free in gaih_inet()
https://notcve.org/view.php?id=CVE-2023-4813
12 Sep 2023 — A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge. Se encontró una falla en glibc. En una situación poco común, la función gaih_inet puede utilizar memoria que se ha liberado, lo que provoca un bloqueo de la aplicación. • https://github.com/tnishiox/cve-2023-4813 • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-38201 – Keylime: challenge-response protocol bypass during agent registration
https://notcve.org/view.php?id=CVE-2023-38201
25 Aug 2023 — A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an attacker to impersonate an agent and hide the true status of a monitored machine if the fake agent is added to the verifier list by a legitimate user, resulting in a breach of the integrity of the registrar database. Se encontró una falla en el registrador de Keylime que podría permitir una omisión del protocolo de desafío-respuesta durante el registro del... • https://access.redhat.com/errata/RHSA-2023:5080 • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 7.8EPSS: 1%CPEs: 9EXPL: 0CVE-2023-38200 – Keylime: registrar is subject to a dos against ssl connections
https://notcve.org/view.php?id=CVE-2023-38200
24 Jul 2023 — A flaw was found in Keylime. Due to their blocking nature, the Keylime registrar is subject to a remote denial of service against its SSL connections. This flaw allows an attacker to exhaust all available connections. Se encontró una falla en Keylime. Debido a su naturaleza de bloqueo, el registrador de Keylime está sujeto a una denegación de servicio remota contra sus conexiones SSL. • https://access.redhat.com/errata/RHSA-2023:5080 • CWE-400: Uncontrolled Resource Consumption CWE-834: Excessive Iteration •