CVE-2020-25583

In FreeBSD 12.2-STABLE before r368250, 11.4-STABLE before r368253, 12.2-RELEASE before p1, 12.1-RELEASE before p11 and 11.4-RELEASE before p5 when processing a DNSSL option, rtsold8 decodes domain name labels per an encoding specified in RFC 1035 in which the first octet of each label contains th...

Buffer overflow

In FreeBSD 12.2-STABLE before r368250, 11.4-STABLE before r368253, 12.2-RELEASE before p1, 12.1-RELEASE before p11 and 11.4-RELEASE before p5 when processing a DNSSL option, rtsold8 decodes domain name labels per an encoding specified in RFC 1035 in which the first octet of each label contains th...

CVE-2020-25583

CVE-2020-25583 affects FreeBSD rtsold(8) handling of DNSSL and RDNSS options. The issue arises from insufficient bounds checking and incorrect validation of label lengths when decoding domain name labels (RFC 1035 encoding) in the DNSSL option, which could overflow the destination buffer. Affecte...

FreeBSD : FreeBSD -- Multiple vulnerabilities in rtsold (e2748c9d-3483-11eb-b87a-901b0ef719ab)

Two bugs exist in rtsold8's RDNSS and DNSSL option handling. First, rtsold8 failed to perform sufficient bounds checking on the extent of the option. In particular, it does not verify that the option does not extend past the end of the received packet before processing its contents. The kernel...

FreeBSD -- rtsold(8) remote buffer overflow vulnerability

Problem Description: Due to a missing length check in the code that handles DNS parameters, a malformed router advertisement message can result in a stack buffer overflow in rtsold8. Impact: Receipt of a router advertisement message with a malformed DNSSL option, for instance from a compromised...

FreeBSD-SA-14:20.rtsold

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-14:20.rtsold Security Advisory The FreeBSD Project Topic: rtsold8 remote buffer overflow vulnerability Category: core Module: rtsold Announced: 2014-10-21 Credits...