CVE-2023-7256: Double-free in libpcap before 1.10.5 with remote packet capture support.
First published: Fri Aug 30 2024(Updated: )
In affected libpcap versions during the setup of a remote packet capture the internal function sock_initaddress() calls getaddrinfo() and possibly freeaddrinfo(), but does not clearly indicate to the caller function whether freeaddrinfo() still remains to be called after the function returns. This makes it possible in some scenarios that both the function and its caller call freeaddrinfo() for the same allocated memory block. A similar problem was reported in Apple libpcap, to which Apple assigned CVE-2023-40400.
Credit: security@tcpdump.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Tcpdump Libpcap | <1.10.5 |
Remedy
Upgrade to libpcap 1.10.5.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/weakness
- agent/references
- agent/title
- agent/type
- agent/description
- agent/first-publish-date
- agent/severity
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- vendor/tcpdump
- canonical/tcpdump libpcap