CVE-2026-33811 Crash when handling long CNAME response in net

When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash...

CVE-2026-33811

The CVE-2026-33811 entry describes a crash in the Go ecosystem when using LookupCNAME with the cgo DNS resolver: very long CNAME responses can trigger a double-free of C memory, leading to a crash. Affected item: Go net/cgo DNS resolver (LookupCNAME path). Root cause: memory management error (dou...

CVE-2026-33811 Crash when handling long CNAME response in net

When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash...

Ubuntu: Security Advisory (USN-2892-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS : nginx vulnerabilities (USN-2892-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2892-1 advisory. It was discovered that nginx incorrectly handled certain DNS server responses when the resolver is enabled. A remote attacker could possibly use this iss...

USN-2892-1 nginx vulnerabilities

It was discovered that nginx incorrectly handled certain DNS server responses when the resolver is enabled. A remote attacker could possibly use this issue to cause nginx to crash, resulting in a denial of service. CVE-2016-0742 It was discovered that nginx incorrectly handled CNAME response...

UBUNTU-CVE-2016-0746

Use-after-free vulnerability in the resolver in nginx 0.6.18 through 1.8.0 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service worker process crash or possibly have unspecified other impact via a crafted DNS response related to CNAME response processing...