CBL Mariner 2.0 Security Update: uclibc-ng (CVE-2021-43523)

The version of uclibc-ng installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-43523 advisory. - In uClibc and uClibc-ng before 1.0.39, incorrect handling of special characters in domain names returned ...

CVE-2021-43523 affecting package uclibc-ng for versions less than 1.0.37-2

CVE-2021-43523 affecting package uclibc-ng for versions less than 1.0.37-2. A patched version of the package is available...

CVE-2021-43523 affecting package uclibc-ng 1.0.37-2

CVE-2021-43523 affecting package uclibc-ng 1.0.37-2. A patched version of the package is available...

CVE-2021-43523

creationtimestamp| type| source ---|---|--- 2021-11-10 18:36:55+00:00| seen| https://t.me/cibsecurity/32176 2026-03-16 06:10:59+00:00| seen| https://gist.github.com/gtxaspec/c640ad74ece9fd16a3ba60a2a05ebdb1...

CVE-2021-43523

The CVE-2021-43523 issue affects uClibc/uClibc-ng prior to 1.0.39, where improper handling of special characters in DNS-derived domain names can cause domain hijacking and injection into applications (potential remote code execution, XSS, crashes). The vulnerability arises from a missing validati...

CVE-2021-43523

In uClibc and uClibc-ng before 1.0.39, incorrect handling of special characters in domain names returned by DNS servers via gethostbyname, getaddrinfo, gethostbyaddr, and getnameinfo can lead to output of wrong hostnames leading to domain hijacking or injection into applications leading to remote...

Linux kernel post-release reuse vulnerability (CNVD-2021-43523)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A post-release reuse vulnerability exists in the XFRM subsystem in Linux kernel versions prior to 5.0.19. An attacker...