Описание
The search_make_new function in evdns.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (out-of-bounds read) via an empty hostname.
An out of bounds read vulnerability was found in libevent in the search_make_new function. If an attacker could cause an application using libevent to attempt resolving an empty hostname, an out of bounds read could occur possibly leading to a crash.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | firefox | Will not fix | ||
| Red Hat Enterprise Linux 5 | libevent | Will not fix | ||
| Red Hat Enterprise Linux 5 | nfs-utils | Not affected | ||
| Red Hat Enterprise Linux 5 | openmpi | Not affected | ||
| Red Hat Enterprise Linux 5 | thunderbird | Will not fix | ||
| Red Hat Enterprise Linux 6 | chromium-browser | Not affected | ||
| Red Hat Enterprise Linux 6 | libevent | Will not fix | ||
| Red Hat Enterprise Linux 6 | nfs-utils | Not affected | ||
| Red Hat Enterprise Linux 6 | openmpi | Not affected | ||
| Red Hat Enterprise Linux 7 | libevent | Will not fix |
Показывать по
Дополнительная информация
Статус:
EPSS
7.5 High
CVSS3
Связанные уязвимости
The search_make_new function in evdns.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (out-of-bounds read) via an empty hostname.
The search_make_new function in evdns.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (out-of-bounds read) via an empty hostname.
The search_make_new function in evdns.c in libevent before 2.1.6-beta ...
The search_make_new function in evdns.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (out-of-bounds read) via an empty hostname.
EPSS
7.5 High
CVSS3