Summary: | <sys-libs/glibc-2.20-r2: getaddrinfo() writes DNS queries to random file descriptors under high load (CVE-2013-7423) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Kristian Fiskerstrand (RETIRED) <k_f> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | cyberbat83, hanno, toolchain |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://sourceware.org/bugzilla/show_bug.cgi?id=15946 | ||
Whiteboard: | A3 [glsa cleanup] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 516884, 544034 | ||
Bug Blocks: |
Description
Kristian Fiskerstrand (RETIRED)
2015-01-28 19:41:40 UTC
This issue seems to be confirmed fixed in version 2.20. There was some confusion whether the issue still persists after this version, however that seems to have been limited to a bad testcase. Versions prior to 2.20 are vulnerable to this issue. https://sourceware.org/ml/glibc-bugs/2015-01/msg00226.html CVE-2013-7423 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-7423): The send_dg function in resolv/res_send.c in GNU C Library (aka glibc or libc6) before 2.20 does not properly reuse file descriptors, which allows remote attackers to send DNS queries to unintended locations via a large number of request that trigger a call to the getaddrinfo function. This issue was resolved and addressed in GLSA 201602-02 at https://security.gentoo.org/glsa/201602-02 by GLSA coordinator Tobias Heinlein (keytoaster). |