Bugzilla – Bug 1215281
VUL-0: CVE-2023-4806: glibc: potential use-after-free in getaddrinfo()
Last modified: 2023-12-04 12:21:31 UTC
CVE-2023-4806

In an extremely rare situation, the getaddrinfo function in glibc may access memory that has already been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r hook without implementing the _nss_*_gethostbyname3_r hook. There are no known modules that are implemented in this way. In addition to that condition, the resolved name should return a large number of IPv6 as well as IPv4 and the call to the getaddrinfo function should have AF_INET6 with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.

Reference: https://sourceware.org/bugzilla/show_bug.cgi?id=30843

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4806
https://bugzilla.redhat.com/show_bug.cgi?id=2237782
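
An added example, not part of the original bug report or of glibc: a shell check for the NSS-module precondition in the description above, listing services whose module exports a _nss_<svc>_gethostbyname2_r hook but no _nss_<svc>_gethostbyname3_r hook. The function names, the default library paths and the sample symbol listing are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the bug report). Checks the precondition quoted in
# CVE-2023-4806: an NSS module with a gethostbyname2_r hook but no
# gethostbyname3_r hook. Function names and default paths are assumptions.

# Read symbol names or `nm -D` lines on stdin; print each NSS service that
# defines _nss_<svc>_gethostbyname2_r without _nss_<svc>_gethostbyname3_r.
nss_hook_gap() {
    awk '
        function svc(sym, suffix) { sub(/^_nss_/, "", sym); sub(suffix "$", "", sym); return sym }
        { sym = $NF; sub(/@.*$/, "", sym) }   # last column, symbol version stripped
        sym ~ /^_nss_.+_gethostbyname2_r$/ { has2[svc(sym, "_gethostbyname2_r")] = 1 }
        sym ~ /^_nss_.+_gethostbyname3_r$/ { has3[svc(sym, "_gethostbyname3_r")] = 1 }
        END { for (s in has2) if (!(s in has3)) print s }
    ' | sort
}

# Constructed sample in `nm -D --defined-only` format; "good" and "demo_min"
# are hypothetical service names, not real modules.
sample_symbols() {
    cat <<'EOF'
0000000000001130 T _nss_good_gethostbyname2_r
0000000000001190 T _nss_good_gethostbyname3_r
0000000000001200 T _nss_demo_min_gethostbyname2_r@@DEMO_1.0
0000000000001260 T _nss_demo_min_gethostbyaddr_r
EOF
}

# Scan the given shared objects (default: common libnss_*.so.2 locations).
# Returns 1 if any module matches the pattern, 0 otherwise.
audit_nss_modules() {
    [ $# -gt 0 ] || set -- /lib64/libnss_*.so.2 /usr/lib64/libnss_*.so.2 \
        /lib/*/libnss_*.so.2 /usr/lib/*/libnss_*.so.2
    rc=0
    for lib in "$@"; do
        [ -f "$lib" ] || continue        # skips unmatched globs too
        gap=$(nm -D --defined-only "$lib" 2>/dev/null | nss_hook_gap | tr '\n' ' ')
        if [ -n "$gap" ]; then
            printf '%s: gethostbyname2_r without gethostbyname3_r: %s\n' "$lib" "$gap"
            rc=1
        fi
    done
    return "$rc"
}
```

Source the file and run audit_nss_modules with no arguments to scan the default locations, or pass the paths of specific modules; third-party modules installed elsewhere must be named explicitly.
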
afaik no patch upstream yet
Patch is upstream: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=973fe93a5675c42798b2161c6f29c01b0e243994
This is an autogenerated message for OBS integration: This bug (1215281) was mentioned in https://build.opensuse.org/request/show/1111922 Factory / glibc
The fix for this CVE introduces a memory leak, which is tracked via CVE-2023-5156 bnc#1215714. Could you please fix both at the same time with a submit? Thanks!