Skip to main content

Safety-relevant information:

Impact of the vulnerability CVE-2023-4911 on our products
I. Vulnerability summary
Publication date:
22.11.2023

Beschreibung:
CVE-2023-4911: A buffer overflow was discovered in the dynamic loader ld.so of the C standard library GNU C Library while processing the environment variable GLIBC_TUNABLES. This might allow a local attacker to use hostile GLIBC_TUNABLES environment variables. This happens when they launch binaries with SUID authorisation to execute code with elevated privileges.

Impact on our products:
The vulnerability does not affect developed and offered products and services of TA Triumph-Adler.