Lucene search
K

10 matches found

RedHat Linux
RedHat Linux
added yesterday9 views

net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME

A flaw was found in the net package of Go golang, specifically when using the LookupCNAME function with the cgo DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name CNAME response. This can trigger a double-free of C memory, leading to a crash and a Denial of...

7.5CVSS7.1AI score0.00813EPSS
Exploits0References8
OSV
OSV
added 2026/05/07 8:16 p.m.4 views

DEBIAN-CVE-2026-33811

When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash...

7.5CVSS5.8AI score0.00813EPSS
Exploits0References1
NVD
NVD
added 2026/05/07 8:16 p.m.24 views

CVE-2026-33811

When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash...

7.5CVSS0.00813EPSS
Exploits0References18
UbuntuCve
UbuntuCve
added 2026/05/07 8:16 p.m.9 views

CVE-2026-33811

When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash...

7.5CVSS5.8AI score0.00813EPSS
Exploits0References7
OSV
OSV
added 2026/05/07 8:16 p.m.4 views

UBUNTU-CVE-2026-33811

When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash...

7.5CVSS5.8AI score0.00813EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/05/07 7:41 p.m.12 views

CVE-2026-33811

When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash...

5.8AI score0.00813EPSS
Exploits0References5Affected Software1
AlpineLinux
AlpineLinux
added 2026/05/07 7:41 p.m.7 views

CVE-2026-33811

When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash...

7.5CVSS5.8AI score0.00813EPSS
Exploits0
Snyk
Snyk
added 2026/05/07 7:21 p.m.6 views

Double Free

Overview std/net is a Go standard library package std/net Affected versions of this package are vulnerable to Double Free. Go Vulnerability Report: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. Remediation Upgrade...

8.7CVSS5.8AI score0.00813EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/16 12:0 a.m.12 views

PT-2026-38560

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description When using the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory, leading to a crash. This occurs specifically when utilizing th...

9.8CVSS5.8AI score0.00813EPSS
Exploits0
CNNVD
CNNVD
added 2026/01/12 12:0 a.m.8 views

Avahi security vulnerability

Avahi is a set of open-source local service discovery tools for Linux. Avahi has a security vulnerability, which stems from an assertion error in the lookuphandlecname function, potentially leading to denial-of-service attacks...

5.8AI score0.00063EPSS
Exploits0References1
Rows per page
Query Builder