CVE-2023-7256

ADVISORY - nist

Summary

In affected libpcap versions during the setup of a remote packet capture the internal function sock_initaddress() calls getaddrinfo() and possibly freeaddrinfo(), but does not clearly indicate to the caller function whether freeaddrinfo() still remains to be called after the function returns. This makes it possible in some scenarios that both the function and its caller call freeaddrinfo() for the same allocated memory block. A similar problem was reported in Apple libpcap, to which Apple assigned CVE-2023-40400.

EPSS Score⁠: 0.00014 (0.020)

Common Weakness Enumeration (CWE)

ADVISORY - nist

NIST

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY IDCVE-2023-7256⁠

EXPLOITABILITY SCORE

0.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-415⁠

CVSS SCORE

4.4medium

Alpine

CREATED

5 months ago

UPDATED

3 months ago

ADVISORY IDCVE-2023-7256⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

1 year ago

UPDATED

9 days ago

ADVISORY IDCVE-2023-7256⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

1 year ago

UPDATED

10 months ago

ADVISORY IDCVE-2023-7256⁠

EXPLOITABILITY SCORE

0.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

4.4medium

Red Hat

CREATED

1 year ago

UPDATED

2 days ago

ADVISORY IDCVE-2023-7256⁠

EXPLOITABILITY SCORE

0.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-415⁠

CVSS SCORE

4.4medium

Photon

CREATED

2 months ago

UPDATED

2 months ago

ADVISORY ID

CVE-2023-7256

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

4.4medium

CVE-2023-7256

Summary

Common Weakness Enumeration (CWE)

CWE-415⁠

CWE-415⁠

Advisories

NIST

CVSS SCORE

Alpine

Debian

CVSS SCORE

Ubuntu

CVSS SCORE

Red Hat

CVSS SCORE

Photon

CVSS SCORE