CVE-2023-7256

Name
CVE-2023-7256
Description
In affected libpcap versions, during the setup of a remote packet capture, the internal function sock_initaddress() calls getaddrinfo() and possibly freeaddrinfo(), but does not clearly indicate to the caller whether freeaddrinfo() still remains to be called after the function returns. In some scenarios this makes it possible for both the function and its caller to call freeaddrinfo() on the same allocated memory block. A similar problem was reported in Apple libpcap, to which Apple assigned CVE-2023-40400.
NVD Severity
medium

References

| Type | URI |
|---|---|
| patch | https://github.com/the-tcpdump-group/libpcap/commit/262e4f34979872d822ccedf9f318ed89c4d31c03 |
| patch | https://github.com/the-tcpdump-group/libpcap/commit/2aa69b04d8173b18a0e3492e0c8f2f7fabdf642d |

Match rules

| CPE URI | Source package | Min version | Max version |
|---|---|---|---|
| | libpcap | == 1.8.x | == 1.8.x |
| | libpcap | == 1.9.x | == 1.9.x |
| | libpcap | >= 1.10.x | <= 1.10.4 |

Vulnerable and fixed packages

| Source package | Branch | Version | Maintainer | Status |
|---|---|---|---|---|
| libpcap | 3.20-main | 1.10.4-r1 | Natanael Copa <ncopa@alpinelinux.org> | possibly vulnerable |
| libpcap | 3.19-main | 1.10.4-r1 | Natanael Copa <ncopa@alpinelinux.org> | possibly vulnerable |
| libpcap | 3.18-main | 1.10.4-r1 | Natanael Copa <ncopa@alpinelinux.org> | possibly vulnerable |
| libpcap | 3.17-main | 1.10.1-r1 | Natanael Copa <ncopa@alpinelinux.org> | possibly vulnerable |