10 matches found
net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME
A flaw was found in the net package of Go golang, specifically when using the LookupCNAME function with the cgo DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name CNAME response. This can trigger a double-free of C memory, leading to a crash and a Denial of...
DEBIAN-CVE-2026-33811
When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash...
CVE-2026-33811
When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash...
CVE-2026-33811
When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash...
UBUNTU-CVE-2026-33811
When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash...
CVE-2026-33811
When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash...
CVE-2026-33811
When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash...
Double Free
Overview std/net is a Go standard library package std/net Affected versions of this package are vulnerable to Double Free. Go Vulnerability Report: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. Remediation Upgrade...
PT-2026-38560
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description When using the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory, leading to a crash. This occurs specifically when utilizing th...
Avahi security vulnerability
Avahi is a set of open-source local service discovery tools for Linux. Avahi has a security vulnerability, which stems from an assertion error in the lookuphandlecname function, potentially leading to denial-of-service attacks...