CVE-2021-43523

CRITICAL

uClibc < 0.9.33.2 and uClibc-ng < 1.0.39 - Remote Code Execution and Cross-Site Scripting via DNS Domain Name Handling

Title source: llm
STIX 2.1

Description

In uClibc and uClibc-ng before 1.0.39, incorrect handling of special characters in domain names returned by DNS servers via gethostbyname, getaddrinfo, gethostbyaddr, and getnameinfo can lead to output of wrong hostnames (leading to domain hijacking) or injection into applications (leading to remote code execution, XSS, applications crashes, etc.). In other words, a validation step, which is expected in any stub resolver, does not occur.

References (3)

Core 3
Core References
Vendor Advisory x_refsource_misc
https://uclibc-ng.org/
Exploit, Mailing List, Third Party Advisory x_refsource_misc
https://www.openwall.com/lists/oss-security/2021/11/09/1

Scores

CVSS v3 9.6
EPSS 0.0326
EPSS Percentile 87.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-79
Status published
Products (2)
uclibc/uclibc < 0.9.33.2
uclibc-ng_project/uclibc-ng < 1.0.39
Published Nov 10, 2021
Tracked Since Feb 18, 2026