Описание
When ldns version 1.7.1 verifies a zone file, the ldns_rr_new_frm_str_internal function has a heap out of bounds read vulnerability. An attacker can leak information on the heap by constructing a zone file payload.
A heap out-of-bounds read flaw was found in ldns, specifically within the ldns_rr_new_frm_str_internal function. This flaw allows an attacker to leak information on the heap by creating a malicious zone file.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | ldns | Out of support scope | ||
| Red Hat Enterprise Linux 7 | ldns | Out of support scope | ||
| Red Hat Enterprise Linux 8 | ldns | Will not fix | ||
| Red Hat Enterprise Linux 9 | ldns | Not affected |
Показывать по
Дополнительная информация
Статус:
6.5 Medium
CVSS3
Связанные уязвимости
When ldns version 1.7.1 verifies a zone file, the ldns_rr_new_frm_str_internal function has a heap out of bounds read vulnerability. An attacker can leak information on the heap by constructing a zone file payload.
When ldns version 1.7.1 verifies a zone file, the ldns_rr_new_frm_str_internal function has a heap out of bounds read vulnerability. An attacker can leak information on the heap by constructing a zone file payload.
When ldns version 1.7.1 verifies a zone file, the ldns_rr_new_frm_str_ ...
When ldns version 1.7.1 verifies a zone file, the ldns_rr_new_frm_str_internal function has a heap out of bounds read vulnerability. An attacker can leak information on the heap by constructing a zone file payload.
Уязвимость функции ldns_rr_new_frm_str_internal библиотеки DNS LDNS, позволяющая нарушителю получить доступ к конфиденциальным данным
6.5 Medium
CVSS3