Wind River Support Network


LIN1021-6514 : Security Advisory - glibc - CVE-2023-4527

Created: Sep 12, 2023    Updated: Sep 21, 2023
Resolved Date: Sep 21, 2023
Found In Version:
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace


A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash.
Live chat