Design/Logic Flaw

2017-03-2415:59:00

PRIOn knowledge base

www.prio-n.com

6.9 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

73.6%

JSON

The __read_etc_hosts_r function in libc/inet/resolv.c in uClibc-ng before 1.0.12 allows remote DNS servers to cause a denial of service (infinite loop) via a crafted packet.

CPENameOperatorVersion
uclibc-ngle1.0.11

CPE	Name	Operator	Version
	uclibc-ng	le	1.0.11

References

repo.or.cz/uclibc-ng.git/commit/6932f2282ba0578d6ca2f21eead920d6b78bc93c

www.openwall.com/lists/oss-security/2016/02/05/2

www.openwall.com/lists/oss-security/2016/02/05/3

www.securityfocus.com/bid/82903

security-tracker.debian.org/tracker/CVE-2016-2225