Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Double-free in libpcap before 1.10.5 with remote packet capture support.
Vulnerability Description
In affected libpcap versions during the setup of a remote packet capture the internal function sock_initaddress() calls getaddrinfo() and possibly freeaddrinfo(), but does not clearly indicate to the caller function whether freeaddrinfo() still remains to be called after the function returns. This makes it possible in some scenarios that both the function and its caller call freeaddrinfo() for the same allocated memory block. A similar problem was reported in Apple libpcap, to which Apple assigned CVE-2023-40400.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
双重释放
Vulnerability Title
libpcap 资源管理错误漏洞
Vulnerability Description
libpcap是Tcpdump团队的一款用于网络流量捕获的便携式C/C ++库。 libpcap存在资源管理错误漏洞,该漏洞源于sock_initaddress()函数对getaddrinfo()和freeaddrinfo()的调用逻辑不清晰,可能导致同一内存块被多次释放。
CVSS Information
N/A
Vulnerability Type
N/A