If the system is configured in no-aaaa mode via /etc/resolv.conf, getaddrinfo is called for the AF_UNSPEC address family, and a DNS response is received over TCP that is larger than 2048 bytes, getaddrinfo may potentially disclose stack contents via the returned address data, or crash. While name lookup normally just fails incorrectly, crashes are not difficult to trigger, with valid DNS responses that are propagated by DNS resolvers.

Reference: https://sourceware.org/bugzilla/show_bug.cgi?id=30842
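A host only meets the first condition above if its resolver configuration enables no-aaaa. The following check is an added example, not part of the original report or of glibc; the function names `noaaaa_enabled` and `noaaaa_report` are made up for this sketch, and it inspects only the resolv.conf file it is given.

```shell
#!/bin/sh
# Added example: detect whether a resolv.conf file enables the no-aaaa
# resolver option named in the report above.

# noaaaa_enabled FILE
# Returns 0 if any "options" line in FILE carries the no-aaaa token,
# 1 otherwise (including when FILE is missing or unreadable).
noaaaa_enabled() {
    conf=${1:-/etc/resolv.conf}
    [ -r "$conf" ] || return 1
    # Only lines that begin with the "options" keyword followed by a
    # space or tab are considered, so commented-out lines never match.
    # Every such line is scanned, and tokens are compared exactly so
    # that a longer token merely containing "no-aaaa" is not counted.
    awk '
        /^options[ \t]/ {
            for (i = 2; i <= NF; i++)
                if ($i == "no-aaaa") found = 1
        }
        END { exit(found ? 0 : 1) }
    ' "$conf"
}

# noaaaa_report FILE
# Prints a one-line finding for FILE and always returns 0.
noaaaa_report() {
    conf=${1:-/etc/resolv.conf}
    if noaaaa_enabled "$conf"; then
        echo "$conf: no-aaaa is enabled; verify the glibc update is installed"
    else
        echo "$conf: no-aaaa is not enabled"
    fi
}

noaaaa_report "${1:-/etc/resolv.conf}"
```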
Created glibc tracking bugs for this issue:
Affects: fedora-all [bug 2238600]

This issue has been addressed in the following products:
Red Hat Enterprise Linux 9
Via RHSA-2023:5453 https://access.redhat.com/errata/RHSA-2023:5453

This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2023:5455 https://access.redhat.com/errata/RHSA-2023:5455