[Bug 2037516] [NEW] glibc: CVE-2023-5156: Memory leak in getaddrinfo after fix for CVE-2023-4806
Simon Chopin
2037516 at bugs.launchpad.net
Wed Sep 27 09:07:45 UTC 2023
Public bug reported:
Imported from Debian bug http://bugs.debian.org/1053002:
Source: glibc
Version: 2.37-10
Severity: important
Tags: security upstream
Forwarded: https://sourceware.org/bugzilla/show_bug.cgi?id=30884
X-Debbugs-Cc: carnil at debian.org, Debian Security Team <team at security.debian.org>
Hi,
The following vulnerability was published for glibc.
Filling mainly for tracking of the issue.
CVE-2023-5156[0]:
| A flaw was found in the GNU C Library. A recent fix for
| CVE-2023-4806 introduced the potential for a memory leak, which may
| result in an application crash.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2023-5156
https://www.cve.org/CVERecord?id=CVE-2023-5156
[1] https://sourceware.org/bugzilla/show_bug.cgi?id=30884
Regards,
Salvatore
** Affects: glibc (Ubuntu)
Importance: Critical
Status: In Progress
** Affects: glibc (Debian)
Importance: Undecided
Status: New
** Bug watch added: Debian Bug tracker #1053002
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053002
** Changed in: glibc (Debian)
Remote watch: None => Debian Bug tracker #1053002
** Changed in: glibc (Ubuntu)
Status: New => In Progress
** Changed in: glibc (Ubuntu)
Importance: Undecided => Critical
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to glibc in Ubuntu.
https://bugs.launchpad.net/bugs/2037516
Title:
glibc: CVE-2023-5156: Memory leak in getaddrinfo after fix for
CVE-2023-4806
Status in glibc package in Ubuntu:
In Progress
Status in glibc package in Debian:
New
Bug description:
Imported from Debian bug http://bugs.debian.org/1053002:
Source: glibc
Version: 2.37-10
Severity: important
Tags: security upstream
Forwarded: https://sourceware.org/bugzilla/show_bug.cgi?id=30884
X-Debbugs-Cc: carnil at debian.org, Debian Security Team <team at security.debian.org>
Hi,
The following vulnerability was published for glibc.
Filling mainly for tracking of the issue.
CVE-2023-5156[0]:
| A flaw was found in the GNU C Library. A recent fix for
| CVE-2023-4806 introduced the potential for a memory leak, which may
| result in an application crash.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2023-5156
https://www.cve.org/CVERecord?id=CVE-2023-5156
[1] https://sourceware.org/bugzilla/show_bug.cgi?id=30884
Regards,
Salvatore
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/2037516/+subscriptions
More information about the foundations-bugs
mailing list