2 matches found
CLSA-2026-1778174719 Fix CVE(s): CVE-2026-40684
SECURITY UPDATE: Crash via malformed DNS response on musl libc systems - debian/patches/CVE-2026-40684.patch: handle musl libc dnexpand backslash-decimal escape oddity in stringcopydnsdomain - CVE-2026-40684...
UBUNTU-CVE-2017-15650
musl libc before 1.1.17 has a buffer overflow via crafted DNS replies because dnsparsecallback in network/lookupname.c does not restrict the number of addresses, and thus an attacker can provide an unexpected number by sending A records in a reply to an AAAA query...