Skip to main content

GNU C Library

I. Summary of the security vulnerability

GNU C Library


CVE-2023-4911:A buffer overflow was detected in the dynamic loader of the C standard library GNU C Library during the processing of the environment variable GLIBC_TUNABLES. This could allow a local attacker to use hostile GLIBC_TUNABLES environment variables. This happens when they launch binaries with SUID authorization to execute code with elevated privileges.

II. Effects on our products

The vulnerability does not affect any products or services developed or offered by UTAX.