CVE 2023-4806
A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_
Related bugs and status
CVE-2023-4806 (Candidate) is related to these bugs:
Bug #1999551: glibc: backport AArch64 mem{cpy,cmp} improvements
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1999551 | glibc: backport AArch64 mem{cpy,cmp} improvements | glibc (Ubuntu) | High | Fix Released | ||
1999551 | glibc: backport AArch64 mem{cpy,cmp} improvements | glibc (Ubuntu Focal) | High | Triaged | ||
1999551 | glibc: backport AArch64 mem{cpy,cmp} improvements | glibc (Ubuntu Jammy) | High | Triaged | ||
1999551 | glibc: backport AArch64 mem{cpy,cmp} improvements | glibc (Ubuntu Kinetic) | Undecided | Fix Released |
Bug #2031909: tinydns: allocation failures with glibc 2.38/s390x
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
2031909 | tinydns: allocation failures with glibc 2.38/s390x | djbdns (Ubuntu) | Critical | Fix Released | ||
2031909 | tinydns: allocation failures with glibc 2.38/s390x | glibc (Ubuntu) | High | Fix Released | ||
2031909 | tinydns: allocation failures with glibc 2.38/s390x | djbdns (Debian) | Unknown | Fix Released |
Bug #2032624: mumax3 test suite fails against glibc 2.38
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
2032624 | mumax3 test suite fails against glibc 2.38 | mumax3 (Ubuntu) | Critical | Fix Released | ||
2032624 | mumax3 test suite fails against glibc 2.38 | glibc (Ubuntu) | Medium | Won't Fix | ||
2032624 | mumax3 test suite fails against glibc 2.38 | nvidia-nccl (Ubuntu) | Undecided | Fix Released | ||
2032624 | mumax3 test suite fails against glibc 2.38 | cxref (Ubuntu) | Undecided | Fix Released | ||
2032624 | mumax3 test suite fails against glibc 2.38 | gauche-c-wrapper (Ubuntu) | Undecided | New | ||
2032624 | mumax3 test suite fails against glibc 2.38 | rocm-hipamd (Ubuntu) | Undecided | Fix Released | ||
2032624 | mumax3 test suite fails against glibc 2.38 | stdgpu-contrib (Ubuntu) | Undecided | New | ||
2032624 | mumax3 test suite fails against glibc 2.38 | cbmc (Ubuntu) | Undecided | Fix Released | ||
2032624 | mumax3 test suite fails against glibc 2.38 | GLibC | Medium | New | ||
2032624 | mumax3 test suite fails against glibc 2.38 | pyvkfft (Ubuntu) | Undecided | Fix Released | ||
2032624 | mumax3 test suite fails against glibc 2.38 | Ubuntu | Undecided | Fix Released | ||
2032624 | mumax3 test suite fails against glibc 2.38 | aspectc++ (Ubuntu) | Undecided | New | ||
2032624 | mumax3 test suite fails against glibc 2.38 | cbmc (Debian) | Unknown | Confirmed | ||
2032624 | mumax3 test suite fails against glibc 2.38 | aspectc++ (Debian) | Unknown | New | ||
2032624 | mumax3 test suite fails against glibc 2.38 | cxref (Debian) | Unknown | Fix Released | ||
2032624 | mumax3 test suite fails against glibc 2.38 | rocm-hipamd (Debian) | Unknown | New |
Bug #2037516: glibc: CVE-2023-5156: Memory leak in getaddrinfo after fix for CVE-2023-4806
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
2037516 | glibc: CVE-2023-5156: Memory leak in getaddrinfo after fix for CVE-2023-4806 | glibc (Ubuntu) | Critical | Fix Released | ||
2037516 | glibc: CVE-2023-5156: Memory leak in getaddrinfo after fix for CVE-2023-4806 | glibc (Debian) | Unknown | Fix Released |
Bug #2047155: "Could not create socket" with apt update when update libc6 to 2.35-0ubuntu3.5 and using nscd
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
2047155 | "Could not create socket" with apt update when update libc6 to 2.35-0ubuntu3.5 and using nscd | glibc (Ubuntu) | Undecided | Fix Released |
See the
CVE page on Mitre.org
for more details.