glibc: Multiple vulnerabilities — GLSA 202310-03

Multiple vulnerabilities in glibc could result in Local Privilege Escalation.

Affected packages

sys-libs/glibc on all architectures
Affected versions < 2.37-r7
Unaffected versions >= 2.37-r7

Background

glibc is a package that contains the GNU C library.

Description

Multiple vulnerabilities have been discovered in glibc. Please review the CVE identifiers referenced below for details.

Impact

An attacker could elevate privileges from a local user to root.

Workaround

There is no known workaround at this time.

Resolution

All glibc users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=sys-libs/glibc-2.37-r7"
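
A post-upgrade check, as an added example that is not part of the advisory: it compares glibc version strings against the fixed version 2.37-r7, field by field and numerically. It assumes versions of the form MAJOR.MINOR[.PATCH][-rN] and that installed packages appear as directories under /var/db/pkg/sys-libs/; the function names and sample versions are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the GLSA. Function names are illustrative.
FIXED_VERSION="2.37-r7"   # from the advisory: unaffected >= 2.37-r7

# Print "major minor patch revision" for MAJOR.MINOR[.PATCH][-rN]; missing
# fields become 0. Returns 2 for any other format (assumed unsupported here).
split_version() {
    printf '%s\n' "$1" | grep -Eq '^[0-9]+(\.[0-9]+){0,2}(-r[0-9]+)?$' || return 2
    _v=$1; _rev=0
    case $_v in
        *-r*) _rev=${_v##*-r}; _v=${_v%-r*} ;;
    esac
    _ifs=$IFS; IFS=.
    set -- $_v
    IFS=$_ifs
    echo "${1:-0} ${2:-0} ${3:-0} $_rev"
}

# Exit status: 0 = affected (older than FIXED_VERSION), 1 = not affected,
# 2 = version string not understood.
glibc_is_affected() {
    _have=$(split_version "$1") || return 2
    _want=$(split_version "$FIXED_VERSION") || return 2
    set -- $_have $_want            # $1..$4 installed, $5..$8 fixed
    while [ $# -gt 4 ]; do          # compare field by field, numerically
        if [ "$1" -lt "$5" ]; then return 0; fi
        if [ "$1" -gt "$5" ]; then return 1; fi
        shift
    done
    return 1                        # equal to the fixed version
}

# List installed glibc versions from the Portage package database, where each
# installed package is a directory such as sys-libs/glibc-2.37-r7.
installed_glibc_versions() {
    for _d in "${1:-/var/db/pkg}"/sys-libs/glibc-[0-9]*; do
        if [ -d "$_d" ]; then echo "${_d##*/glibc-}"; fi
    done
}

# Constructed sample versions; on a Gentoo host iterate over
# $(installed_glibc_versions) instead.
for v in 2.36-r8 2.37-r6 2.37-r7 2.38; do
    if glibc_is_affected "$v"; then
        echo "$v: affected, upgrade to >= $FIXED_VERSION"
    else
        echo "$v: not affected"
    fi
done
```

Processes started before the upgrade keep the old library mapped until they are restarted.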
 

References

Release date
October 04, 2023

Latest revision
October 04, 2023: 1

Severity
high

Exploitable
local and remote

Bugzilla entries