* [Bug network/30842] Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527)
2023-09-12 15:16 [Bug network/30842] New: Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) fweimer at redhat dot com
@ 2023-09-12 15:25 ` fweimer at redhat dot com
2023-09-13 3:18 ` sam at gentoo dot org
` (10 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: fweimer at redhat dot com @ 2023-09-12 15:25 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=30842
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |fweimer at redhat dot com
Status|NEW |ASSIGNED
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug network/30842] Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527)
2023-09-12 15:16 [Bug network/30842] New: Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) fweimer at redhat dot com
2023-09-12 15:25 ` [Bug network/30842] " fweimer at redhat dot com
@ 2023-09-13 3:18 ` sam at gentoo dot org
2023-09-13 12:11 ` cvs-commit at gcc dot gnu.org
` (9 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: sam at gentoo dot org @ 2023-09-13 3:18 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=30842
Sam James <sam at gentoo dot org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |sam at gentoo dot org
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug network/30842] Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527)
2023-09-12 15:16 [Bug network/30842] New: Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) fweimer at redhat dot com
2023-09-12 15:25 ` [Bug network/30842] " fweimer at redhat dot com
2023-09-13 3:18 ` sam at gentoo dot org
@ 2023-09-13 12:11 ` cvs-commit at gcc dot gnu.org
2023-09-13 12:36 ` cvs-commit at gcc dot gnu.org
` (8 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2023-09-13 12:11 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=30842
--- Comment #1 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by Florian Weimer <fw@sourceware.org>:
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=bd77dd7e73e3530203be1c52c8a29d08270cb25d
commit bd77dd7e73e3530203be1c52c8a29d08270cb25d
Author: Florian Weimer <fweimer@redhat.com>
Date: Wed Sep 13 14:10:56 2023 +0200
CVE-2023-4527: Stack read overflow with large TCP responses in no-aaaa mode
Without passing alt_dns_packet_buffer, __res_context_search can only
store 2048 bytes (what fits into dns_packet_buffer). However,
the function returns the total packet size, and the subsequent
DNS parsing code in _nss_dns_gethostbyname4_r reads beyond the end
of the stack-allocated buffer.
Fixes commit f282cdbe7f436c75864e5640a4 ("resolv: Implement no-aaaa
stub resolver option") and bug 30842.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug network/30842] Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527)
2023-09-12 15:16 [Bug network/30842] New: Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) fweimer at redhat dot com
` (2 preceding siblings ...)
2023-09-13 12:11 ` cvs-commit at gcc dot gnu.org
@ 2023-09-13 12:36 ` cvs-commit at gcc dot gnu.org
2023-09-13 12:36 ` cvs-commit at gcc dot gnu.org
` (7 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2023-09-13 12:36 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=30842
--- Comment #2 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
The release/2.37/master branch has been updated by Florian Weimer
<fw@sourceware.org>:
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=b7529346025a130fee483d42178b5c118da971bb
commit b7529346025a130fee483d42178b5c118da971bb
Author: Florian Weimer <fweimer@redhat.com>
Date: Wed Sep 13 14:10:56 2023 +0200
CVE-2023-4527: Stack read overflow with large TCP responses in no-aaaa mode
Without passing alt_dns_packet_buffer, __res_context_search can only
store 2048 bytes (what fits into dns_packet_buffer). However,
the function returns the total packet size, and the subsequent
DNS parsing code in _nss_dns_gethostbyname4_r reads beyond the end
of the stack-allocated buffer.
Fixes commit f282cdbe7f436c75864e5640a4 ("resolv: Implement no-aaaa
stub resolver option") and bug 30842.
(cherry picked from commit bd77dd7e73e3530203be1c52c8a29d08270cb25d)
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug network/30842] Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527)
2023-09-12 15:16 [Bug network/30842] New: Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) fweimer at redhat dot com
` (3 preceding siblings ...)
2023-09-13 12:36 ` cvs-commit at gcc dot gnu.org
@ 2023-09-13 12:36 ` cvs-commit at gcc dot gnu.org
2023-09-13 12:57 ` cvs-commit at gcc dot gnu.org
` (6 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2023-09-13 12:36 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=30842
--- Comment #3 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
The release/2.38/master branch has been updated by Florian Weimer
<fw@sourceware.org>:
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=b25508dd774b617f99419bdc3cf2ace4560cd2d6
commit b25508dd774b617f99419bdc3cf2ace4560cd2d6
Author: Florian Weimer <fweimer@redhat.com>
Date: Wed Sep 13 14:10:56 2023 +0200
CVE-2023-4527: Stack read overflow with large TCP responses in no-aaaa mode
Without passing alt_dns_packet_buffer, __res_context_search can only
store 2048 bytes (what fits into dns_packet_buffer). However,
the function returns the total packet size, and the subsequent
DNS parsing code in _nss_dns_gethostbyname4_r reads beyond the end
of the stack-allocated buffer.
Fixes commit f282cdbe7f436c75864e5640a4 ("resolv: Implement no-aaaa
stub resolver option") and bug 30842.
(cherry picked from commit bd77dd7e73e3530203be1c52c8a29d08270cb25d)
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug network/30842] Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527)
2023-09-12 15:16 [Bug network/30842] New: Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) fweimer at redhat dot com
` (4 preceding siblings ...)
2023-09-13 12:36 ` cvs-commit at gcc dot gnu.org
@ 2023-09-13 12:57 ` cvs-commit at gcc dot gnu.org
2023-09-13 12:58 ` fweimer at redhat dot com
` (5 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2023-09-13 12:57 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=30842
--- Comment #4 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
The release/2.36/master branch has been updated by Florian Weimer
<fw@sourceware.org>:
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=4ea972b7edd7e36610e8cde18bf7a8149d7bac4f
commit 4ea972b7edd7e36610e8cde18bf7a8149d7bac4f
Author: Florian Weimer <fweimer@redhat.com>
Date: Wed Sep 13 14:10:56 2023 +0200
CVE-2023-4527: Stack read overflow with large TCP responses in no-aaaa mode
Without passing alt_dns_packet_buffer, __res_context_search can only
store 2048 bytes (what fits into dns_packet_buffer). However,
the function returns the total packet size, and the subsequent
DNS parsing code in _nss_dns_gethostbyname4_r reads beyond the end
of the stack-allocated buffer.
Fixes commit f282cdbe7f436c75864e5640a4 ("resolv: Implement no-aaaa
stub resolver option") and bug 30842.
(cherry picked from commit bd77dd7e73e3530203be1c52c8a29d08270cb25d)
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug network/30842] Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527)
2023-09-12 15:16 [Bug network/30842] New: Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) fweimer at redhat dot com
` (5 preceding siblings ...)
2023-09-13 12:57 ` cvs-commit at gcc dot gnu.org
@ 2023-09-13 12:58 ` fweimer at redhat dot com
2023-09-26 22:52 ` cvs-commit at gcc dot gnu.org
` (4 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: fweimer at redhat dot com @ 2023-09-13 12:58 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=30842
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Target Milestone|--- |2.39
Status|ASSIGNED |RESOLVED
Resolution|--- |FIXED
--- Comment #5 from Florian Weimer <fweimer at redhat dot com> ---
All impacted branches fixed.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug network/30842] Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527)
2023-09-12 15:16 [Bug network/30842] New: Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) fweimer at redhat dot com
` (6 preceding siblings ...)
2023-09-13 12:58 ` fweimer at redhat dot com
@ 2023-09-26 22:52 ` cvs-commit at gcc dot gnu.org
2023-09-26 22:53 ` cvs-commit at gcc dot gnu.org
` (3 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2023-09-26 22:52 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=30842
--- Comment #6 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
The release/2.38/master branch has been updated by Siddhesh Poyarekar
<siddhesh@sourceware.org>:
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5ee59ca371b99984232d7584fe2b1a758b4421d3
commit 5ee59ca371b99984232d7584fe2b1a758b4421d3
Author: Romain Geissler <romain.geissler@amadeus.com>
Date: Mon Sep 25 01:21:51 2023 +0100
Fix leak in getaddrinfo introduced by the fix for CVE-2023-4806 [BZ #30843]
This patch fixes a very recently added leak in getaddrinfo.
This was assigned CVE-2023-5156.
Resolves: BZ #30884
Related: BZ #30842
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
(cherry picked from commit ec6b95c3303c700eb89eebeda2d7264cc184a796)
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug network/30842] Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527)
2023-09-12 15:16 [Bug network/30842] New: Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) fweimer at redhat dot com
` (7 preceding siblings ...)
2023-09-26 22:52 ` cvs-commit at gcc dot gnu.org
@ 2023-09-26 22:53 ` cvs-commit at gcc dot gnu.org
2023-09-26 22:53 ` cvs-commit at gcc dot gnu.org
` (2 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2023-09-26 22:53 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=30842
--- Comment #7 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
The release/2.37/master branch has been updated by Siddhesh Poyarekar
<siddhesh@sourceware.org>:
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=4473d1b87d04b25cdd0e0354814eeaa421328268
commit 4473d1b87d04b25cdd0e0354814eeaa421328268
Author: Romain Geissler <romain.geissler@amadeus.com>
Date: Mon Sep 25 01:21:51 2023 +0100
Fix leak in getaddrinfo introduced by the fix for CVE-2023-4806 [BZ #30843]
This patch fixes a very recently added leak in getaddrinfo.
This was assigned CVE-2023-5156.
Resolves: BZ #30884
Related: BZ #30842
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
(cherry picked from commit ec6b95c3303c700eb89eebeda2d7264cc184a796)
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug network/30842] Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527)
2023-09-12 15:16 [Bug network/30842] New: Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) fweimer at redhat dot com
` (8 preceding siblings ...)
2023-09-26 22:53 ` cvs-commit at gcc dot gnu.org
@ 2023-09-26 22:53 ` cvs-commit at gcc dot gnu.org
2023-09-26 22:54 ` cvs-commit at gcc dot gnu.org
2023-09-26 22:54 ` cvs-commit at gcc dot gnu.org
11 siblings, 0 replies; 13+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2023-09-26 22:53 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=30842
--- Comment #8 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
The release/2.36/master branch has been updated by Siddhesh Poyarekar
<siddhesh@sourceware.org>:
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=856bac55f98dc840e7c27cfa82262b933385de90
commit 856bac55f98dc840e7c27cfa82262b933385de90
Author: Romain Geissler <romain.geissler@amadeus.com>
Date: Mon Sep 25 01:21:51 2023 +0100
Fix leak in getaddrinfo introduced by the fix for CVE-2023-4806 [BZ #30843]
This patch fixes a very recently added leak in getaddrinfo.
This was assigned CVE-2023-5156.
Resolves: BZ #30884
Related: BZ #30842
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
(cherry picked from commit ec6b95c3303c700eb89eebeda2d7264cc184a796)
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug network/30842] Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527)
2023-09-12 15:16 [Bug network/30842] New: Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) fweimer at redhat dot com
` (9 preceding siblings ...)
2023-09-26 22:53 ` cvs-commit at gcc dot gnu.org
@ 2023-09-26 22:54 ` cvs-commit at gcc dot gnu.org
2023-09-26 22:54 ` cvs-commit at gcc dot gnu.org
11 siblings, 0 replies; 13+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2023-09-26 22:54 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=30842
--- Comment #9 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
The release/2.35/master branch has been updated by Siddhesh Poyarekar
<siddhesh@sourceware.org>:
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=17092c0311f954e6f3c010f73ce3a78c24ac279a
commit 17092c0311f954e6f3c010f73ce3a78c24ac279a
Author: Romain Geissler <romain.geissler@amadeus.com>
Date: Mon Sep 25 01:21:51 2023 +0100
Fix leak in getaddrinfo introduced by the fix for CVE-2023-4806 [BZ #30843]
This patch fixes a very recently added leak in getaddrinfo.
This was assigned CVE-2023-5156.
Resolves: BZ #30884
Related: BZ #30842
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
(cherry picked from commit ec6b95c3303c700eb89eebeda2d7264cc184a796)
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug network/30842] Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527)
2023-09-12 15:16 [Bug network/30842] New: Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) fweimer at redhat dot com
` (10 preceding siblings ...)
2023-09-26 22:54 ` cvs-commit at gcc dot gnu.org
@ 2023-09-26 22:54 ` cvs-commit at gcc dot gnu.org
11 siblings, 0 replies; 13+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2023-09-26 22:54 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=30842
--- Comment #10 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
The release/2.34/master branch has been updated by Siddhesh Poyarekar
<siddhesh@sourceware.org>:
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=8006457ab7e1cd556b919f477348a96fe88f2e49
commit 8006457ab7e1cd556b919f477348a96fe88f2e49
Author: Romain Geissler <romain.geissler@amadeus.com>
Date: Mon Sep 25 01:21:51 2023 +0100
Fix leak in getaddrinfo introduced by the fix for CVE-2023-4806 [BZ #30843]
This patch fixes a very recently added leak in getaddrinfo.
This was assigned CVE-2023-5156.
Resolves: BZ #30884
Related: BZ #30842
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
(cherry picked from commit ec6b95c3303c700eb89eebeda2d7264cc184a796)
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 13+ messages in thread