CVE-2023-4813

MEDIUM LAB

glibc < 2.36 - Use-After-Free in gaih_inet Function

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-4813. PoCs published by tnishiox.

AI-analyzed exploit summary This repository contains a functional PoC for CVE-2023-4813, which exploits a vulnerability in the KernelCare update mechanism. The exploit manipulates DNS resolution to trigger the vulnerability, potentially leading to privilege escalation or denial of service.

Description

A flaw has been identified in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge.

Exploits (1)

nomisec WORKING POC 1 stars

by tnishiox · poc

https://github.com/tnishiox/cve-2023-4813

View Code ZIP pw:eip

This repository contains a functional PoC for CVE-2023-4813, which exploits a vulnerability in the KernelCare update mechanism. The exploit manipulates DNS resolution to trigger the vulnerability, potentially leading to privilege escalation or denial of service.

Classification

Working Poc 90%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: KernelCare (kcarectl)

No auth needed

Prerequisites: Access to a vulnerable system running KernelCare · Ability to manipulate DNS resolution or network traffic

MITRE ATT&CK