CVE-2020-6080 log
Source |
|
Severity | Medium |
Remote | Yes |
Type | Denial of service |
Description | Multiple exploitable denial-of-service vulnerabilities exist in the resource allocation handling of Videolabs libmicrodns 0.1.0. When encountering errors while parsing mDNS messages, some allocated data is not freed, possibly leading to a denial-of-service condition via resource exhaustion. An attacker can send one mDNS message repeatedly to trigger these vulnerabilities. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-1136 | libmicrodns | 0.1.0-1 | 0.1.2-1 | Critical | Fixed |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
30 Apr 2020 | ASA-202004-24 | AVG-1136 | libmicrodns | Critical | multiple issues |
References |
---|
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1002 https://github.com/videolabs/libmicrodns/commit/9768bdbeb8ea6b7849a97af4362d1b5184352cee |