CVE 2013-4357

The eglibc package before 2.14 incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service.

Related bugs and status

CVE-2013-4357 (Candidate) is related to these bugs:

Bug #1352504: Regression in 2.11.1-0ubuntu7.14; segfault in getservbyname

		In	Importance	Status
1352504	Regression in 2.11.1-0ubuntu7.14; segfault in getservbyname	eglibc (Ubuntu)	Undecided	Invalid
1352504	Regression in 2.11.1-0ubuntu7.14; segfault in getservbyname	eglibc (Ubuntu Trusty)	Undecided	Invalid
1352504	Regression in 2.11.1-0ubuntu7.14; segfault in getservbyname	eglibc (Ubuntu Utopic)	Undecided	Invalid
1352504	Regression in 2.11.1-0ubuntu7.14; segfault in getservbyname	eglibc (Ubuntu Lucid)	Critical	Fix Released
1352504	Regression in 2.11.1-0ubuntu7.14; segfault in getservbyname	eglibc (Ubuntu Precise)	Undecided	Invalid

Bug #1364584: `getaddrinfo` leaks memory

Summary				In	Importance	Status
	1364584	`getaddrinfo` leaks memory		eglibc (Ubuntu)	Undecided	Invalid
	1364584	`getaddrinfo` leaks memory		eglibc (Ubuntu Lucid)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.