Untriaged
Glibc: stack read overflow in getaddrinfo in no-aaaa mode
A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash.
Affected products
glibc
- *
compat-glibc
Matching in nixpkgs
pkgs.mtrace
Perl script used to interpret and provide human readable output of the trace log contained in the file mtracedata, whose contents were produced by mtrace(3)
-
nixos-unstable -
- nixpkgs-unstable 2.40-66
pkgs.glibc_multi
None
-
nixos-unstable -
- nixpkgs-unstable 2.40-66
pkgs.glibcLocales
Locale information for the GNU C Library
-
nixos-unstable -
- nixpkgs-unstable 2.40-66
pkgs.glibc_memusage
GNU C Library
-
nixos-unstable -
- nixpkgs-unstable 2.40-66
pkgs.glibcLocalesUtf8
Locale information for the GNU C Library
-
nixos-unstable -
- nixpkgs-unstable 2.40-66
pkgs.unixtools.getent
None
-
nixos-unstable -
- nixpkgs-unstable 2.40-66
pkgs.unixtools.locale
None
-
nixos-unstable -
- nixpkgs-unstable 2.40-66
pkgs.unixtools.getconf
None
-
nixos-unstable -
- nixpkgs-unstable 2.40-66
Package maintainers
-
@Ma27 Maximilian Bosch <maximilian@mbosch.me>
-
@ConnorBaker Connor Baker <ConnorBaker01@gmail.com>