A flaw has been identified in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge.
| Version | Score | Severity | Vector String |
|---|---|---|---|
| 3.1 | 5.9 | Medium | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
| Product | Vendor | Version |
|---|---|---|
| Red Hat Enterprise Linux 8 | Red Hat | < 6.3.9600.22175 |
| Red Hat Enterprise Linux 8.6 Extended Update Support | Red Hat | < 2.9.0.250911 |
| Red Hat Enterprise Linux 9 | Red Hat | < 3.0.0.251127 |