Musl-libc - Musl CVE

Filtered by vendor Musl-libc Subscribe

Filtered by product Musl

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2017-15650	1 Musl-libc	1 Musl	2017-11-08	5.0 MEDIUM	7.5 HIGH
musl libc before 1.1.17 has a buffer overflow via crafted DNS replies because dns_parse_callback in network/lookup_name.c does not restrict the number of addresses, and thus an attacker can provide an unexpected number by sending A records in a reply to an AAAA query.

Vulnerabilities (CVE)