Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2023-4813

A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge.

Related bugs and status

CVE-2023-4813 (Candidate) is related to these bugs:

Bug #1999551: glibc: backport AArch64 mem{cpy,cmp} improvements

		In	Importance	Status
1999551	glibc: backport AArch64 mem{cpy,cmp} improvements	glibc (Ubuntu)	High	Fix Released
1999551	glibc: backport AArch64 mem{cpy,cmp} improvements	glibc (Ubuntu Focal)	High	Triaged
1999551	glibc: backport AArch64 mem{cpy,cmp} improvements	glibc (Ubuntu Jammy)	High	Triaged
1999551	glibc: backport AArch64 mem{cpy,cmp} improvements	glibc (Ubuntu Kinetic)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://bugzilla.redha...
MISC: https://access.redhat....
MISC: https://access.redhat....
MISC: https://access.redhat....
MISC: http://www.openwall.co...
MISC: https://security.netap...
MISC: https://access.redhat....