CVE-2023-7256

EUVD-2023-59437
In affected libpcap versions during the setup of a remote packet capture the internal function sock_initaddress() calls getaddrinfo() and possibly freeaddrinfo(), but does not clearly indicate to the caller function whether freeaddrinfo() still remains to be called after the function returns.  This makes it possible in some scenarios that both the function and its caller call freeaddrinfo() for the same allocated memory block.  A similar problem was reported in Apple libpcap, to which Apple assigned CVE-2023-40400.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.4 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 3%
Affected Products (NVD)
VendorProductVersion
tcpdumplibpcap
𝑥
< 1.10.5
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
libpcap
bookworm
unimportant
bullseye
unimportant
sid
1.10.5-1
fixed
trixie
1.10.5-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
libpcap
bionic
not-affected
focal
not-affected
jammy
not-affected
noble
not-affected
trusty
not-affected
xenial
not-affected
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
libpcap-devel
suse enterprise desktop 15 SP5
1.10.1-150400.3.3.2
fixed
suse enterprise desktop 15 SP6
1.10.4-150600.3.3.2
fixed
suse enterprise desktop 15 SP7
1.10.5-150700.1.8
fixed
suse enterprise sap 15 SP5
1.10.1-150400.3.3.2
fixed
suse enterprise sap 15 SP6
1.10.4-150600.3.3.2
fixed
suse enterprise sap 15 SP7
1.10.5-150700.1.8
fixed
suse enterprise server 15 SP4
1.10.1-150400.3.3.2
fixed
suse enterprise server 15 SP5
1.10.1-150400.3.3.2
fixed
suse enterprise server 15 SP6
1.10.4-150600.3.3.2
fixed
suse enterprise server 15 SP7
1.10.5-150700.1.8
fixed
libpcap1
suse enterprise desktop 15 SP5
1.10.1-150400.3.3.2
fixed
suse enterprise desktop 15 SP6
1.10.4-150600.3.3.2
fixed
suse enterprise desktop 15 SP7
1.10.5-150700.1.8
fixed
suse enterprise sap 15 SP5
1.10.1-150400.3.3.2
fixed
suse enterprise sap 15 SP6
1.10.4-150600.3.3.2
fixed
suse enterprise sap 15 SP7
1.10.5-150700.1.8
fixed
suse enterprise server 15 SP4
1.10.1-150400.3.3.2
fixed
suse enterprise server 15 SP5
1.10.1-150400.3.3.2
fixed
suse enterprise server 15 SP6
1.10.4-150600.3.3.2
fixed
suse enterprise server 15 SP7
1.10.5-150700.1.8
fixed
Common Weakness Enumeration
References
https://github.com/the-tcpdump-group/libpcap/commit/262e4f34979872d822ccedf9f318ed89c4d31c03
https://github.com/the-tcpdump-group/libpcap/commit/2aa69b04d8173b18a0e3492e0c8f2f7fabdf642d