Untriaged
Permalink
CVE-2023-5156
7.5 HIGH
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): NONE
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): NONE
- Integrity impact (I): NONE
- Availability impact (A): HIGH
Glibc: dos due to memory leak in getaddrinfo.c
A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.
References
- http://www.openwall.com/lists/oss-security/2023/10/03/4
- http://www.openwall.com/lists/oss-security/2023/10/03/5
- http://www.openwall.com/lists/oss-security/2023/10/03/6
- http://www.openwall.com/lists/oss-security/2023/10/03/8
- https://access.redhat.com/security/cve/CVE-2023-5156 x_refsource_REDHAT vdb-entry
- RHBZ#2240541 issue-tracking x_refsource_REDHAT
- https://sourceware.org/bugzilla/show_bug.cgi?id=30884
- https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebed…
- http://www.openwall.com/lists/oss-security/2023/10/03/4
- http://www.openwall.com/lists/oss-security/2023/10/03/5
- http://www.openwall.com/lists/oss-security/2023/10/03/6
- http://www.openwall.com/lists/oss-security/2023/10/03/8
- https://access.redhat.com/security/cve/CVE-2023-5156 x_refsource_REDHAT vdb-entry
- RHBZ#2240541 issue-tracking x_refsource_REDHAT
- https://sourceware.org/bugzilla/show_bug.cgi?id=30884
- https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebed…
- https://security.gentoo.org/glsa/202402-01
- http://www.openwall.com/lists/oss-security/2023/10/03/4
- http://www.openwall.com/lists/oss-security/2023/10/03/5
- http://www.openwall.com/lists/oss-security/2023/10/03/6
- http://www.openwall.com/lists/oss-security/2023/10/03/8
- https://access.redhat.com/security/cve/CVE-2023-5156 x_refsource_REDHAT vdb-entry
- RHBZ#2240541 issue-tracking x_refsource_REDHAT
- https://security.gentoo.org/glsa/202402-01
- https://sourceware.org/bugzilla/show_bug.cgi?id=30884
- https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebed…
- http://www.openwall.com/lists/oss-security/2023/10/03/4
- http://www.openwall.com/lists/oss-security/2023/10/03/5
- http://www.openwall.com/lists/oss-security/2023/10/03/6
- http://www.openwall.com/lists/oss-security/2023/10/03/8
- https://access.redhat.com/security/cve/CVE-2023-5156 x_refsource_REDHAT vdb-entry
- RHBZ#2240541 issue-tracking x_refsource_REDHAT
- https://security.gentoo.org/glsa/202402-01
- https://sourceware.org/bugzilla/show_bug.cgi?id=30884
- https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebed…
- http://www.openwall.com/lists/oss-security/2023/10/03/6 x_transferred
- http://www.openwall.com/lists/oss-security/2023/10/03/8 x_transferred
- https://access.redhat.com/security/cve/CVE-2023-5156 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2240541 issue-tracking x_refsource_REDHAT x_transferred
- https://security.gentoo.org/glsa/202402-01 x_transferred
- https://sourceware.org/bugzilla/show_bug.cgi?id=30884 x_transferred
- https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebed… x_transferred
- http://www.openwall.com/lists/oss-security/2023/10/03/4 x_transferred
- http://www.openwall.com/lists/oss-security/2023/10/03/5 x_transferred
- http://www.openwall.com/lists/oss-security/2023/10/03/4
- http://www.openwall.com/lists/oss-security/2023/10/03/5
- http://www.openwall.com/lists/oss-security/2023/10/03/6
- http://www.openwall.com/lists/oss-security/2023/10/03/8
- https://access.redhat.com/security/cve/CVE-2023-5156 x_refsource_REDHAT vdb-entry
- RHBZ#2240541 issue-tracking x_refsource_REDHAT
- https://security.gentoo.org/glsa/202402-01
- https://sourceware.org/bugzilla/show_bug.cgi?id=30884
- https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebed…
- https://security.gentoo.org/glsa/202402-01 x_transferred
- https://sourceware.org/bugzilla/show_bug.cgi?id=30884 x_transferred
- https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebed… x_transferred
- http://www.openwall.com/lists/oss-security/2023/10/03/4 x_transferred
- http://www.openwall.com/lists/oss-security/2023/10/03/5 x_transferred
- http://www.openwall.com/lists/oss-security/2023/10/03/6 x_transferred
- http://www.openwall.com/lists/oss-security/2023/10/03/8 x_transferred
- https://access.redhat.com/security/cve/CVE-2023-5156 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2240541 issue-tracking x_refsource_REDHAT x_transferred
- https://access.redhat.com/security/cve/CVE-2023-5156 x_refsource_REDHAT vdb-entry
- RHBZ#2240541 issue-tracking x_refsource_REDHAT
- https://security.gentoo.org/glsa/202402-01
- https://sourceware.org/bugzilla/show_bug.cgi?id=30884
- https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebed…
- http://www.openwall.com/lists/oss-security/2023/10/03/4
- http://www.openwall.com/lists/oss-security/2023/10/03/5
- http://www.openwall.com/lists/oss-security/2023/10/03/6
- http://www.openwall.com/lists/oss-security/2023/10/03/8
- http://www.openwall.com/lists/oss-security/2023/10/03/4 x_transferred
- http://www.openwall.com/lists/oss-security/2023/10/03/5 x_transferred
- http://www.openwall.com/lists/oss-security/2023/10/03/6 x_transferred
- http://www.openwall.com/lists/oss-security/2023/10/03/8 x_transferred
- https://access.redhat.com/security/cve/CVE-2023-5156 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2240541 issue-tracking x_refsource_REDHAT x_transferred
- https://security.gentoo.org/glsa/202402-01 x_transferred
- https://sourceware.org/bugzilla/show_bug.cgi?id=30884 x_transferred
- https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebed… x_transferred
- RHBZ#2240541 issue-tracking x_refsource_REDHAT
- https://sourceware.org/bugzilla/show_bug.cgi?id=30884
- https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebed…
- https://access.redhat.com/security/cve/CVE-2023-5156 x_refsource_REDHAT vdb-entry
- RHBZ#2240541 issue-tracking x_refsource_REDHAT x_transferred
- https://security.gentoo.org/glsa/202402-01 x_transferred
- https://sourceware.org/bugzilla/show_bug.cgi?id=30884 x_transferred
- https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebed… x_transferred
- http://www.openwall.com/lists/oss-security/2023/10/03/4 x_transferred
- http://www.openwall.com/lists/oss-security/2023/10/03/5 x_transferred
- http://www.openwall.com/lists/oss-security/2023/10/03/6 x_transferred
- http://www.openwall.com/lists/oss-security/2023/10/03/8 x_transferred
- https://access.redhat.com/security/cve/CVE-2023-5156 x_refsource_REDHAT vdb-entry x_transferred
- https://sourceware.org/bugzilla/show_bug.cgi?id=30884
- https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebed…
- https://access.redhat.com/security/cve/CVE-2023-5156 x_refsource_REDHAT vdb-entry
- RHBZ#2240541 issue-tracking x_refsource_REDHAT
- http://www.openwall.com/lists/oss-security/2023/10/03/4 x_transferred
- http://www.openwall.com/lists/oss-security/2023/10/03/5 x_transferred
- http://www.openwall.com/lists/oss-security/2023/10/03/6 x_transferred
- http://www.openwall.com/lists/oss-security/2023/10/03/8 x_transferred
- https://access.redhat.com/security/cve/CVE-2023-5156 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2240541 issue-tracking x_refsource_REDHAT x_transferred
- https://security.gentoo.org/glsa/202402-01 x_transferred
- https://sourceware.org/bugzilla/show_bug.cgi?id=30884 x_transferred
- https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebed… x_transferred
- https://access.redhat.com/security/cve/CVE-2023-5156 x_refsource_REDHAT vdb-entry
- RHBZ#2240541 issue-tracking x_refsource_REDHAT
- https://sourceware.org/bugzilla/show_bug.cgi?id=30884
- https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebed…
- http://www.openwall.com/lists/oss-security/2023/10/03/4 x_transferred
- http://www.openwall.com/lists/oss-security/2023/10/03/5 x_transferred
- http://www.openwall.com/lists/oss-security/2023/10/03/6 x_transferred
- http://www.openwall.com/lists/oss-security/2023/10/03/8 x_transferred
- https://access.redhat.com/security/cve/CVE-2023-5156 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2240541 issue-tracking x_refsource_REDHAT x_transferred
- https://security.gentoo.org/glsa/202402-01 x_transferred
- https://sourceware.org/bugzilla/show_bug.cgi?id=30884 x_transferred
- https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebed… x_transferred
- RHBZ#2240541 issue-tracking x_refsource_REDHAT
- https://sourceware.org/bugzilla/show_bug.cgi?id=30884
- https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebed…
- https://access.redhat.com/security/cve/CVE-2023-5156 x_refsource_REDHAT vdb-entry
- http://www.openwall.com/lists/oss-security/2023/10/03/4 x_transferred
- http://www.openwall.com/lists/oss-security/2023/10/03/5 x_transferred
- http://www.openwall.com/lists/oss-security/2023/10/03/6 x_transferred
- http://www.openwall.com/lists/oss-security/2023/10/03/8 x_transferred
- https://access.redhat.com/security/cve/CVE-2023-5156 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2240541 issue-tracking x_refsource_REDHAT x_transferred
- https://security.gentoo.org/glsa/202402-01 x_transferred
- https://sourceware.org/bugzilla/show_bug.cgi?id=30884 x_transferred
- https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebed… x_transferred
- https://access.redhat.com/security/cve/CVE-2023-5156 x_refsource_REDHAT vdb-entry
- RHBZ#2240541 issue-tracking x_refsource_REDHAT
- https://sourceware.org/bugzilla/show_bug.cgi?id=30884
- https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebed…
- http://www.openwall.com/lists/oss-security/2023/10/03/4 x_transferred
- http://www.openwall.com/lists/oss-security/2023/10/03/5 x_transferred
- http://www.openwall.com/lists/oss-security/2023/10/03/6 x_transferred
- http://www.openwall.com/lists/oss-security/2023/10/03/8 x_transferred
- https://access.redhat.com/security/cve/CVE-2023-5156 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2240541 issue-tracking x_refsource_REDHAT x_transferred
- https://security.gentoo.org/glsa/202402-01 x_transferred
- https://sourceware.org/bugzilla/show_bug.cgi?id=30884 x_transferred
- https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebed… x_transferred
Affected products
glibc
- ==2.39
compat-glibc
Matching in nixpkgs
pkgs.mtrace
Perl script used to interpret and provide human readable output of the trace log contained in the file mtracedata, whose contents were produced by mtrace(3)
-
nixos-unstable -
- nixpkgs-unstable 2.40-66
pkgs.glibc_multi
None
-
nixos-unstable -
- nixpkgs-unstable 2.40-66
pkgs.glibcLocales
Locale information for the GNU C Library
-
nixos-unstable -
- nixpkgs-unstable 2.40-66
pkgs.glibc_memusage
GNU C Library
-
nixos-unstable -
- nixpkgs-unstable 2.40-66
pkgs.glibcLocalesUtf8
Locale information for the GNU C Library
-
nixos-unstable -
- nixpkgs-unstable 2.40-66
pkgs.unixtools.getent
None
-
nixos-unstable -
- nixpkgs-unstable 2.40-66
pkgs.unixtools.locale
None
-
nixos-unstable -
- nixpkgs-unstable 2.40-66
pkgs.unixtools.getconf
None
-
nixos-unstable -
- nixpkgs-unstable 2.40-66
Package maintainers
-
@Ma27 Maximilian Bosch <maximilian@mbosch.me>
-
@ConnorBaker Connor Baker <ConnorBaker01@gmail.com>