Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2023-4527

Опубликовано: 18 сент. 2023
Источник: ubuntu
Приоритет: medium
CVSS3: 6.5

Описание

A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash.

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

not-affected

code not present
esm-infra/focal

DNE

focal

DNE

jammy

DNE

lunar

DNE

mantic

DNE

noble

DNE

trusty

ignored

end of standard support

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support
devel

released

2.38-1ubuntu5
esm-infra/bionic

not-affected

code not present
esm-infra/focal

not-affected

code not present
esm-infra/xenial

not-affected

code not present
focal

not-affected

code not present
jammy

not-affected

code not present
lunar

released

2.37-0ubuntu2.1
mantic

released

2.38-1ubuntu5
noble

released

2.38-1ubuntu5

Показывать по

Ссылки на источники

6.5 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2023-4527

CVSS3: 6.5
redhat
больше 2 лет назад

A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash.

nvd логотип

CVE-2023-4527

CVSS3: 6.5
nvd
больше 2 лет назад

A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash.

msrc логотип

CVE-2023-4527

CVSS3: 6.5
msrc
5 месяцев назад

Glibc: stack read overflow in getaddrinfo in no-aaaa mode

debian логотип

CVE-2023-4527

CVSS3: 6.5
debian
больше 2 лет назад

A flaw was found in glibc. When the getaddrinfo function is called wit ...

github логотип

GHSA-hmf7-f8gf-8f4p

CVSS3: 6.5
github
больше 2 лет назад

A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash.

6.5 Medium

CVSS3