CVE-2017-9107
HIGHadns < 1.5.2 - Denial of Service via Backslash Domain Parsing
Title source: llmDescription
An issue was discovered in adns before 1.5.2. It overruns reading a buffer if a domain ends with backslash. If the query domain ended with \, and adns_qf_quoteok_query was specified, qdparselabel would read additional bytes from the buffer and try to treat them as the escape sequence. It would depart the input buffer and start processing many bytes of arbitrary heap data as if it were the query domain. Eventually it would run out of input or find some other kind of error, and declare the query domain invalid. But before then it might outrun available memory and crash. In principle this could be a denial of service attack.
References (5)
Core 5
Core References
Third Party Advisory x_refsource_misc
http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=adns.git
Release Notes, Third Party Advisory x_refsource_confirm
https://www.chiark.greenend.org.uk/pipermail/adns-announce/2020/000004.html
Various Sources x_refsource_confirm
http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=adns.git%3Ba=blob%3Bf=changelog
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TRVHN3GGVNQWAOL3PWC5FLAV7HUESLZR/
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UGFZ4SPV6KFQK6ZNUZFB5Y32OYFOM5YJ/
Scores
CVSS v3
7.5
EPSS
0.0056
EPSS Percentile
68.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-119
Status
published
Products (3)
fedoraproject/fedora
31
fedoraproject/fedora
32
gnu/adns
< 1.5.2
Published
Jun 18, 2020
Tracked Since
Feb 18, 2026