CVE-2023-4806 — Use After Free in Glibc

CWE-416 — Use After Free CWE-401 — Missing Release of Memory after Effective Lifetime12 documents8 sources

Severity

5.9MEDIUMNVD

EPSS

1.9%

top 16.76%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

GNU Glibc Fedoraproject Fedora Redhat Codeready Linux Builder EUS +19 more

Timeline

PublishedSep 18

Latest updateJan 10

Description

A flaw has been identified in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with A…

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.2 | Impact: 3.6

Affected Packages5 packages

▶Debiangnu/glibc< 2.36-9+deb12u3+2

▶Ubuntugnu/glibc< 2.31-0ubuntu9.14+4

▶NVDgnu/glibc2.33

▶NVDredhat/codeready_linux_builder9.2, 9.0+1

▶NVDredhat/codeready_linux_builder_eus9.0, 9.2+1

Also affects: Fedora 37, 38, 39, Enterprise Linux 7.0, 8.0, 9.0, 8.8, 9.2

🔴Vulnerability Details

OSV

glibc regression↗2024-01-10

▶

OSV

glibc vulnerabilities↗2023-12-07

▶

GHSA

GHSA-5f52-v49r-796w: A flaw was found in glibc↗2023-09-18

▶

CVEList

Glibc: potential use-after-free in getaddrinfo()↗2023-09-18

▶

OSV

CVE-2023-4806: A flaw has been identified in glibc↗2023-09-18

▶

📋Vendor Advisories

Ubuntu

GNU C Library regression↗2024-01-10

▶

Ubuntu

GNU C Library vulnerabilities↗2023-12-07

▶

Red Hat

glibc: DoS due to memory leak in getaddrinfo.c↗2023-09-25

▶

Red Hat

glibc: potential use-after-free in getaddrinfo()↗2023-09-12

▶

Microsoft

Glibc: potential use-after-free in getaddrinfo()↗2023-09-12

▶