An incomplete fix for CVE-2020-12662 was shipped for Unbound in Red Hat Enterprise Linux 7, as part of erratum RHSA-2020:2414. Vulnerable versions of Unbound could still amplify an incoming query into a large number of queries directed to a target, even with a lower amplification ratio compared to versions of Unbound that shipped before the mentioned erratum. This issue is about the incomplete fix for CVE-2020-12662, and it does not affect upstream versions of Unbound.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1846026 | Issue Tracking Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2020-11-27T17:40:05
Updated: 2020-11-27T17:40:05
Reserved: 2020-03-20T00:00:00
Link: CVE-2020-10772
JSON object: View
NVD Information
Status : Modified
Published: 2020-11-27T18:15:11.440
Modified: 2023-11-07T03:14:22.913
Link: CVE-2020-10772
JSON object: View
Redhat Information
No data.