Headline

CVE-2021-45780: Memory leak in ifconfig

GNU Inetutils commit cf091 was discovered to contain a memory leak via the ifconfig function.

2 years ago

CVE

Open in Source

#ubuntu #linux #redis

# Memory leak in ifconfig

## Description

Memory leak in ifconfig

**version**

```
./ifconfig --version
ifconfig (GNU inetutils) 2.2.16-cf091
Copyright © 2021 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later https://gnu.org/licenses/gpl.html\.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Written by Marcus Brinkmann.
```

**System information**
Ubuntu 20.04 focal, AMD EPYC 7742 64-Core @ 16x 2.25GHz

**Result**

```
./ifconfig
docker0 Link encap:Ethernet HWaddr 02:42:0F:3F:D1:8C
inet addr:172.17.0.1 Bcast:172.17.255.255 Mask:255.255.0.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 TX bytes:0

ens160 Link encap:Ethernet HWaddr 00:0C:29:E5:38:0E
inet addr:192.168.155.5 Bcast:192.168.155.255 Mask:255.255.254.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:7327 errors:0 dropped:0 overruns:0 frame:0
TX packets:6372 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:844586 TX bytes:2386960

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:3092 errors:0 dropped:0 overruns:0 frame:0
TX packets:3092 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1598123 TX bytes:1598123

=================================================================
==7524==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 64 byte(s) in 1 object(s) allocated from:
#0 0x494bdd in malloc (/root/disk2/fuzzing/inetutils/fuzz/bin/ifconfig+0x494bdd)
#1 0x4e0330 in linux_if_nameindex /root/disk2/fuzzing/inetutils/inetutils/ifconfig/./system/linux.c:948:11
#2 0x4cbfd5 in parse_cmdline /root/disk2/fuzzing/inetutils/inetutils/ifconfig/options.c:678:22
#3 0x4c432c in main /root/disk2/fuzzing/inetutils/inetutils/ifconfig/ifconfig.c:56:3

SUMMARY: AddressSanitizer: 64 byte(s) leaked in 1 allocation(s).
```

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

9 months ago

9 months ago

9 months ago

9 months ago

9 months ago