SUSE CVE-2020-17439
An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that parses incoming DNS packets does not validate that the incoming DNS replies match outgoing DNS queries in newdata in resolv.c. Also, arbitrary DNS replies are parsed if there was any outgoing DNS query wi...