CVE-2021-43523
CRITICALuClibc < 0.9.33.2 and uClibc-ng < 1.0.39 - Remote Code Execution and Cross-Site Scripting via DNS Domain Name Handling
Title source: llmDescription
In uClibc and uClibc-ng before 1.0.39, incorrect handling of special characters in domain names returned by DNS servers via gethostbyname, getaddrinfo, gethostbyaddr, and getnameinfo can lead to output of wrong hostnames (leading to domain hijacking) or injection into applications (leading to remote code execution, XSS, applications crashes, etc.). In other words, a validation step, which is expected in any stub resolver, does not occur.
References (3)
Core 3
Core References
Vendor Advisory x_refsource_misc
https://uclibc-ng.org/
Patch, Third Party Advisory x_refsource_misc
https://github.com/wbx-github/uclibc-ng/commit/0f822af0445e5348ce7b7bd8ce1204244f31d174
Exploit, Mailing List, Third Party Advisory x_refsource_misc
https://www.openwall.com/lists/oss-security/2021/11/09/1
Scores
CVSS v3
9.6
EPSS
0.0326
EPSS Percentile
87.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
total
Details
CWE
CWE-79
Status
published
Products (2)
uclibc/uclibc
< 0.9.33.2
uclibc-ng_project/uclibc-ng
< 1.0.39
Published
Nov 10, 2021
Tracked Since
Feb 18, 2026