CVE-2017-15650

musl libc before 1.1.17 has a buffer overflow via crafted DNS replies because dns_parse_callback in network/lookup_name.c does not restrict the number of addresses, and thus an attacker can provide an unexpected number by sending A records in a reply to an AAAA query.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:musl-libc:musl:*:*:*:*:*:*:*:*

Information

Published : 2017-10-19 16:29

Updated : 2017-11-08 08:21


NVD link : CVE-2017-15650

Mitre link : CVE-2017-15650


JSON object : View

CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Advertisement

dedicated server usa

Products Affected

musl-libc

  • musl