getaddrinfo() 中潜在的释放后使用 (CVE-2023-4806)

admin

0
文章

0
评论

2023-11-29 21:01:20 Ali_nvd 来源：ZONE.CI 全球网 0 阅读模式

中危 getaddrinfo() 中潜在的释放后使用 (CVE-2023-4806)

CVE编号

CVE-2023-4806

利用情况

暂无

补丁情况

官方补丁

披露时间

2023-09-19

漏洞描述

A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.

解决建议

建议您更新当前系统或软件至最新版，完成漏洞的修复。

参考链接
http://www.openwall.com/lists/oss-security/2023/10/03/4
http://www.openwall.com/lists/oss-security/2023/10/03/5
http://www.openwall.com/lists/oss-security/2023/10/03/6
http://www.openwall.com/lists/oss-security/2023/10/03/8
https://access.redhat.com/errata/RHSA-2023:5453
https://access.redhat.com/errata/RHSA-2023:5455
https://access.redhat.com/errata/RHSA-2023:7409
https://access.redhat.com/security/cve/CVE-2023-4806
https://bugzilla.redhat.com/show_bug.cgi?id=2237782
https://lists.fedoraproject.org/archives/list/[email protected]...
https://lists.fedoraproject.org/archives/list/[email protected]...
https://lists.fedoraproject.org/archives/list/[email protected]...
https://security.gentoo.org/glsa/202310-03

受影响软件情况

1
#	类型	厂商	产品	版本	影响面
	运行在以下环境
	应用	gnu	glibc	2.33	-
	运行在以下环境
	系统	amazon_2023	glibc	*		Up to (excluding) 2.34-52.amzn2023.0.6
	运行在以下环境
	系统	anolis_os_23	glibc-nss-devel	*		Up to (excluding) 2.36-10
	运行在以下环境
	系统	anolis_os_8	glibc-locale-source	*		Up to (excluding) 2.28-225.0.4
	运行在以下环境
	系统	debian_10	glibc	*		Up to (including) 2.28-10+deb10u1
	运行在以下环境
	系统	debian_11	glibc	*		Up to (including) 2.31-13+deb11u6
	运行在以下环境
	系统	debian_12	glibc	*		Up to (excluding) 2.36-9+deb12u3
	运行在以下环境
	系统	debian_sid	glibc	*		Up to (excluding) 2.37-10
	运行在以下环境
	系统	fedora_37	glibc-langpack-mn	*		Up to (excluding) 2.36-14.fc37
	运行在以下环境
	系统	fedora_38	glibc-langpack-mn	*		Up to (excluding) 2.37-10.fc38
	运行在以下环境
	系统	fedora_39	glibc-langpack-mn	*		Up to (excluding) 2.38-6.fc39
	运行在以下环境
	系统	oracle_8	glibc-langpack-da	*		Up to (excluding) 2.28-225.0.4.el8_8.6
	运行在以下环境
	系统	oracle_9	glibc-langpack-da	*		Up to (excluding) 2.34-60.0.3.el9_2.7
	运行在以下环境
	系统	redhat	enterprise_linux	7.0	-
	运行在以下环境
	系统	redhat	enterprise_linux	8.0	-
	运行在以下环境
	系统	redhat	enterprise_linux	9.0	-
	运行在以下环境
	系统	redhat_8	glibc-all-langpacks	*		Up to (excluding) 2.28-225.el8_8.6
	运行在以下环境
	系统	redhat_9	glibc-all-langpacks	*		Up to (excluding) 2.34-60.el9_2.7
	运行在以下环境
	系统	unionos_a	glibc	*		Up to (excluding) glibc-2.28-225.0.4.uelc20.6.01
	运行在以下环境
	系统	unionos_e	glibc	*		Up to (excluding) glibc-2.28-97.uel20.01