Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:37250
HistorySep 23, 2022 - 8:48 a.m.

Denial Of Service (DoS)

2022-09-2308:48:43
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
14
denial of service
vulnerability
dnssec
ecdsa
application crash

EPSS

0.003

Percentile

66.2%

libbind9.so is vulnerable to denial of service. The vulnerability exists because the DNSSEC verification code used in the library for the ECDSA algorithm leaks memory when the signature length is mismatched, allowing an attacker to cause an application crash.