CVE-2023-7256

CVSS v3.1

4.4

Medium

Vector

AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions libpcap versions (affected versions not specified)

Description The issue is related to the function freeaddrinfo() in the libpcap library, where it is called for the same allocated memory block, potentially leading to a denial of service. During the setup of a remote packet capture, the internal function sock initaddress() calls getaddrinfo() and possibly freeaddrinfo(), but does not clearly indicate to the caller function whether freeaddrinfo() still remains to be called after the function returns. This can cause both the function and its caller to call freeaddrinfo() for the same allocated memory block.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Double Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-415

Related Identifiers

ALT-PU-2025-2493

ALT-PU-2025-2535

AZL-48415

AZL-48427

AZL-48451

AZL-48468

BDU:2024-07427

CLEANSTART-2026-KY75084

CLEANSTART-2026-TO88856

CVE-2023-7256

MGASA-2024-0295

OESA-2024-2180

OPENSUSE-SU-2024:14309-1

OPENSUSE-SU-2024_3210-1

OPENSUSE-SU-2024_3217-1

OPENSUSE-SU-2024_3516-1

SUSE-SU-2024:3210-1

SUSE-SU-2024:3217-1

SUSE-SU-2024:3355-1

SUSE-SU-2024:3516-1

SUSE-SU-2024_3210-1

SUSE-SU-2024_3217-1

SUSE-SU-2024_3355-1

SUSE-SU-2025:20059-1

SUSE-SU-2026:20064-1

Affected Products

Alt Linux

Debian

Red Os

Suse

Libpcap

CVE-2023-7256

Weakness Enumeration

Related Identifiers

Affected Products

References · 87