Unrated severityOSV Advisory· Published Dec 4, 2018· Updated Dec 3, 2025
CVE-2018-19591
CVE-2018-19591
Description
In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function.
Affected products
2Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BO7WHN52GFMC5F2I2232GFIPSSXWFV7G/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M52KE4YR3GNMHQUOS3DKAGZD5TQ5D5UH/mitrevendor-advisoryx_refsource_FEDORA
- security.gentoo.org/glsa/201903-09mitrevendor-advisoryx_refsource_GENTOO
- security.gentoo.org/glsa/201908-06mitrevendor-advisoryx_refsource_GENTOO
- usn.ubuntu.com/4416-1/mitrevendor-advisoryx_refsource_UBUNTU
- www.securityfocus.com/bid/106037mitrevdb-entryx_refsource_BID
- www.securitytracker.com/id/1042174mitrevdb-entryx_refsource_SECTRACK
- security.netapp.com/advisory/ntap-20190321-0003/mitrex_refsource_CONFIRM
- sourceware.org/bugzilla/show_bug.cgimitrex_refsource_CONFIRM
- sourceware.org/git/gitweb.cgimitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.