CVE-2013-4458 (GCVE-0-2013-4458)
Vulnerability from cvelistv5 – Published: 2013-12-12 18:00 – Updated: 2024-08-06 16:45
VLAI
EPSS
VEX
Summary
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.18 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that triggers a large number of AF_INET6 address results. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1914.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://sourceware.org/ml/libc-alpha/2013-10/msg0… | mailing-listx_refsource_MLIST |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRIVA |
| https://security.gentoo.org/glsa/201503-04 | vendor-advisoryx_refsource_GENTOO |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRIVA |
| https://sourceware.org/bugzilla/show_bug.cgi?id=16072 | x_refsource_CONFIRM |
Date Public
2013-10-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:45:14.820Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[libc-alpha] 20131022 [PATCH][BZ #16072] Fix stack overflow due to large AF_INET6 requests",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://sourceware.org/ml/libc-alpha/2013-10/msg00733.html"
},
{
"name": "SUSE-SU-2016:0470",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"name": "MDVSA-2013:284",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "MDVSA-2013:283",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=16072"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-10-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.18 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that triggers a large number of AF_INET6 address results. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1914."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[libc-alpha] 20131022 [PATCH][BZ #16072] Fix stack overflow due to large AF_INET6 requests",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://sourceware.org/ml/libc-alpha/2013-10/msg00733.html"
},
{
"name": "SUSE-SU-2016:0470",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"name": "MDVSA-2013:284",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "MDVSA-2013:283",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=16072"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4458",
"datePublished": "2013-12-12T18:00:00.000Z",
"dateReserved": "2013-06-12T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:45:14.820Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2013-4458",
"date": "2026-07-18",
"epss": "0.04154",
"percentile": "0.89735"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.18\", \"matchCriteriaId\": \"EDDAD2B2-386E-4DEA-A20E-0C2197E12089\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E5C0577C-6BC7-418F-B2C5-B74800D43418\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FEA795F7-8AAC-42BA-971B-601346704BD8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5CADA314-C0D0-40F8-9019-884F17D0B54A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"255E0C0D-0B70-4C10-BF7C-34193AA24C42\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F424F2F5-D7E4-4A13-A8CF-32D466610BDF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6DC4E7AE-BDC4-48F1-9FDE-3F3FAA3F40F4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F1329215-C53A-40D5-8E9C-F457D092E483\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4E2A0F12-FD00-40B9-86AD-7D082385E5DB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8ED8F0E8-A969-4F7F-A100-662F4A5426FD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9416576F-A605-45BE-AA01-FEF357A66979\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AE582B8F-4E31-4D0F-B2F9-AC83C855F751\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB56D9C9-13B3-418C-B06C-0997E165F1C7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"19D5667D-5EA4-4B44-BF8A-9C10506BD4E6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A30D0EE-1AED-4C99-8A22-24E47212F3FD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4169CA4B-C4F5-499A-A35A-49DD43AC0A22\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A3AC9749-52C5-4E17-8A77-5F4ED91FA8E3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C55E32EC-33A6-4145-9B76-C7E3DBACD1E1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6423F0B5-E483-4DE9-B13F-3A7322F055DC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C543B0E8-8B48-44A4-B63F-B2D9EA23E8EE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:glibc:2.12.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"37880948-2AB5-491A-85E2-B7E271E03B1D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:glibc:2.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DF8E0DCD-8D39-4C89-9B4C-37025D9BE3A9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:glibc:2.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BFD5D113-EF53-4690-92AC-B6E54D70AA9B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:glibc:2.14.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"92B1C39D-1183-4FAE-85C2-D1DC7AA6F431\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:glibc:2.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"733A1711-D2FC-45C6-9542-893860851F6B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:glibc:2.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA4CFA8E-9892-4DDA-9DB2-581711E974A1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:glibc:2.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C1E91F85-7872-4290-BE7F-C966AC2773CB\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"D5900A25-FDD7-4900-BF7C-F3ECCB714D2B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*\", \"matchCriteriaId\": \"CB6476C7-03F2-4939-AB85-69AA524516D9\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.18 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that triggers a large number of AF_INET6 address results. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1914.\"}, {\"lang\": \"es\", \"value\": \"Desbordamiento de b\\u00fafer basado en pila en la funci\\u00f3n getaddrinfo en sysdeps/posix/getaddrinfo.c de GNU C Library (tambi\\u00e9n conocido como glibc o libc6) 2.18 y anteriores versiones permite a atacantes remotos provocar una denegaci\\u00f3n de servicio (ca\\u00edda) a trav\\u00e9s de (1) un nombre de host o (2) direcci\\u00f3n IP que desencadena un gran n\\u00famero de resultados de direcci\\u00f3n AF_INET6. NOTA: esta vulnerabilidad existe por un parche incompleto para CVE-2013-1914.\"}]",
"id": "CVE-2013-4458",
"lastModified": "2024-11-21T01:55:36.460",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2013-12-12T18:55:10.883",
"references": "[{\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2013:283\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2013:284\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://security.gentoo.org/glsa/201503-04\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://sourceware.org/bugzilla/show_bug.cgi?id=16072\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Exploit\"]}, {\"url\": \"https://sourceware.org/ml/libc-alpha/2013-10/msg00733.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2013:283\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2013:284\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.gentoo.org/glsa/201503-04\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://sourceware.org/bugzilla/show_bug.cgi?id=16072\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"https://sourceware.org/ml/libc-alpha/2013-10/msg00733.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}]",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2013-4458\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2013-12-12T18:55:10.883\",\"lastModified\":\"2026-04-29T01:13:23.040\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.18 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that triggers a large number of AF_INET6 address results. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1914.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de b\u00fafer basado en pila en la funci\u00f3n getaddrinfo en sysdeps/posix/getaddrinfo.c de GNU C Library (tambi\u00e9n conocido como glibc o libc6) 2.18 y anteriores versiones permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de (1) un nombre de host o (2) direcci\u00f3n IP que desencadena un gran n\u00famero de resultados de direcci\u00f3n AF_INET6. NOTA: esta vulnerabilidad existe por un parche incompleto para CVE-2013-1914.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.18\",\"matchCriteriaId\":\"EDDAD2B2-386E-4DEA-A20E-0C2197E12089\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5C0577C-6BC7-418F-B2C5-B74800D43418\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FEA795F7-8AAC-42BA-971B-601346704BD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CADA314-C0D0-40F8-9019-884F17D0B54A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"255E0C0D-0B70-4C10-BF7C-34193AA24C42\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F424F2F5-D7E4-4A13-A8CF-32D466610BDF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DC4E7AE-BDC4-48F1-9FDE-3F3FAA3F40F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1329215-C53A-40D5-8E9C-F457D092E483\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E2A0F12-FD00-40B9-86AD-7D082385E5DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8ED8F0E8-A969-4F7F-A100-662F4A5426FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9416576F-A605-45BE-AA01-FEF357A66979\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE582B8F-4E31-4D0F-B2F9-AC83C855F751\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB56D9C9-13B3-418C-B06C-0997E165F1C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19D5667D-5EA4-4B44-BF8A-9C10506BD4E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A30D0EE-1AED-4C99-8A22-24E47212F3FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4169CA4B-C4F5-499A-A35A-49DD43AC0A22\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3AC9749-52C5-4E17-8A77-5F4ED91FA8E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C55E32EC-33A6-4145-9B76-C7E3DBACD1E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6423F0B5-E483-4DE9-B13F-3A7322F055DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C543B0E8-8B48-44A4-B63F-B2D9EA23E8EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:glibc:2.12.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37880948-2AB5-491A-85E2-B7E271E03B1D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:glibc:2.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF8E0DCD-8D39-4C89-9B4C-37025D9BE3A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:glibc:2.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFD5D113-EF53-4690-92AC-B6E54D70AA9B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:glibc:2.14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92B1C39D-1183-4FAE-85C2-D1DC7AA6F431\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:glibc:2.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"733A1711-D2FC-45C6-9542-893860851F6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:glibc:2.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA4CFA8E-9892-4DDA-9DB2-581711E974A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:glibc:2.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1E91F85-7872-4290-BE7F-C966AC2773CB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5900A25-FDD7-4900-BF7C-F3ECCB714D2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*\",\"matchCriteriaId\":\"CB6476C7-03F2-4939-AB85-69AA524516D9\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2013:283\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2013:284\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://security.gentoo.org/glsa/201503-04\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://sourceware.org/bugzilla/show_bug.cgi?id=16072\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\"]},{\"url\":\"https://sourceware.org/ml/libc-alpha/2013-10/msg00733.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2013:283\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2013:284\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/201503-04\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://sourceware.org/bugzilla/show_bug.cgi?id=16072\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"https://sourceware.org/ml/libc-alpha/2013-10/msg00733.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}",
"redhat_vex": {
"aggregate_severity": "Low",
"current_release_date": "2025-11-21T12:37:03+00:00",
"cve": "CVE-2013-4458",
"id": "CVE-2013-4458",
"initial_release_date": "2013-10-22T00:00:00+00:00",
"product_status:fixed": "376",
"product_status:known_affected": "1",
"product_status:known_not_affected": "8",
"source": "Red Hat CSAF VEX",
"status": "final",
"title": "glibc: Stack (frame) overflow in getaddrinfo() when called with AF_INET6",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2013/cve-2013-4458.json",
"version": "3"
}
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…