CVE-2019-16866 log

Source
Severity High
Remote Yes
Type Denial of service
Description
Due to an error in parsing NOTIFY queries, it is possible for Unbound from 1.7.1 up to and including 1.9.3 to continue processing malformed queries and may ultimately result in a pointer dereference in uninitialized memory. This results in a crash of the Unbound daemon.
Group Package Affected Fixed Severity Status Ticket
AVG-1042 unbound 1.9.3-4 1.9.4-1 High Fixed
Date Advisory Group Package Severity Description
11 Oct 2019 ASA-201910-6 AVG-1042 unbound High denial of service
References
https://www.nlnetlabs.nl/downloads/unbound/CVE-2019-16866.txt
https://github.com/NLnetLabs/unbound/commit/b60c4a472c856f0a98120b7259e991b3a6507eb5