CVE-2020-6080 log

Source
Severity Medium
Remote Yes
Type Denial of service
Description
Multiple exploitable denial-of-service vulnerabilities exist in the resource allocation handling of Videolabs libmicrodns 0.1.0. When encountering errors while parsing mDNS messages, some allocated data is not freed, possibly leading to a denial-of-service condition via resource exhaustion. An attacker can send one mDNS message repeatedly to trigger these vulnerabilities.
Group Package Affected Fixed Severity Status Ticket
AVG-1136 libmicrodns 0.1.0-1 0.1.2-1 Critical Fixed
Date Advisory Group Package Severity Type
30 Apr 2020 ASA-202004-24 AVG-1136 libmicrodns Critical multiple issues
References
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1002
https://github.com/videolabs/libmicrodns/commit/9768bdbeb8ea6b7849a97af4362d1b5184352cee