VYPR
Unrated severityNVD Advisory· Published Dec 12, 2013· Updated Jun 16, 2026

CVE-2013-4458

CVE-2013-4458

Description

Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.18 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that triggers a large number of AF_INET6 address results. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1914.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

32
  • GNU/Glibc28 versions
    cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*+ 27 more
    • cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*range: <=2.18
    • cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.12.2:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.13:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.14:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.14.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.15:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.16:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.17:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*
    • (no CPE)range: <=2.18
  • cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp2:*:*:*:*:*:*
  • cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*
  • osv-coords2 versions
    < 2.24-2.3+ 1 more
    • (no CPE)range: < 2.24-2.3
    • (no CPE)range: < 2.11.3-17.45.66.1

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.