Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2020-6077 - log back

CVE-2020-6077 edited at 17 Apr 2020 21:05:44

Severity

-	Unknown
+	Medium

Remote

-	Unknown
+	Remote

Type

-	Unknown
+	Information disclosure

Description

+

An exploitable denial-of-service vulnerability exists in the message-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing mDNS messages, the implementation does not properly keep track of the available data in the message, possibly leading to an out-of-bounds read that would result in a denial of service. An attacker can send an mDNS message to trigger this vulnerability.

References

+	https://talosintelligence.com/vulnerability_reports/TALOS-2020-1000
+	https://github.com/videolabs/libmicrodns/commit/80860fad7e046959b730a0e37fd8d6ad955682ec

Notes

CVE-2020-6077 created at 17 Apr 2020 20:55:55