CVE-2013-1914 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Glibc
Severity
5.0MEDIUMNVD
EPSS
3.1%
top 13.17%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedApr 29
Latest updateMay 13
Description
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.17 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that triggers a large number of domain conversion results.
CVSS vector
AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9
🔴Vulnerability Details
3GHSA▶
GHSA-gcw3-7j9c-37j4: Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo↗2022-05-13
OSV▶
CVE-2013-1914: Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo↗2013-04-29
CVEList▶
CVE-2013-1914: Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo↗2013-04-29
📋Vendor Advisories
4💬Community
3Bugzilla
▶
Bugzilla▶
CVE-2013-1914 glibc: Stack (frame) overflow in getaddrinfo() when processing entry mapping to long list of address structures↗2013-04-03
Bugzilla▶
CVE-2013-1914 glibc: Stack (frame) overflow in getaddrinfo() when processing entry mapping to long list of address structures [fedora-all]↗2013-04-03