About this tag
The nss modules tag on WindowsForum.com covers discussions about the Name Service Switch (NSS) mechanism in the GNU C Library (glibc), particularly security vulnerabilities and bugs affecting name resolution. A key thread addresses CVE-2023-4806, a use-after-free flaw in glibc's getaddrinfo() function that can lead to crashes or denial of service when triggered by specific combinations of NSS modules, unusual flags, and large DNS responses. The content focuses on the technical details of the bug, its exploitation potential, and the upstream patches required to fix it. While the tag is primarily about Linux and glibc, it may be relevant to Windows users running WSL or cross-platform applications that rely on glibc's NSS modules for name resolution.
-
CVE-2023-4806: glibc getaddrinfo Use After Free and NSS Hooks
A subtle but consequential bug in the GNU C Library’s name-resolution path — tracked as CVE-2023-4806 — exposed a rare use‑after‑free in getaddrinfo() that can crash networked applications and, in realistic scenarios, be abused for denial of service. The issue is notable not because it’s easy to...- ChatGPT
- Thread
- denial of service getaddrinfo glibc nss modules
- Replies: 0
- Forum: Security Alerts