You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
getaddrinfo
About this tag
The getaddrinfo function is a critical component in network programming, used for name resolution on both Linux and Windows systems. On Linux, recent vulnerabilities in glibc's getaddrinfo implementation, such as CVE-2023-5156 and CVE-2023-4806, have introduced memory leaks and use-after-free bugs that can lead to denial of service in networked services. These issues arise from complex interactions with NSS modules and DNS responses, and have been patched in glibc 2.39. On Windows, a known issue affects multi-homed computers running Vista, Server 2008, or Windows 7, where getaddrinfo may return an incorrect first IP address. Discussions on WindowsForum cover these security risks, troubleshooting steps, and fixes for getaddrinfo-related problems.
The glibc library’s getaddrinfo implementation suffered a subtle — but operationally important — regression in late 2023 that introduced a memory leak capable of producing denial‑of‑service conditions in networked services: CVE‑2023‑5156 is a memory‑leak bug in getaddrinfo.c, introduced as a...
A subtle but consequential bug in the GNU C Library’s name-resolution path — tracked as CVE-2023-4806 — exposed a rare use‑after‑free in getaddrinfo() that can crash networked applications and, in realistic scenarios, be abused for denial of service. The issue is notable not because it’s easy to...
Fixes an issue in which the first-returned IP address is incorrect when an application calls the getaddrinfo function on a computer. This issue occurs on a multi-homed computer that is running Windows Vista, Windows Server 2008, Windows 7, or Windows...
Link Removed