An issue was discovered in FNET through 4.6.4. The code for processing resource records in mDNS queries doesn't check for proper '\0' termination of the resource record name string, leading to an out-of-bounds read, and potentially causing information leak or Denial-or-Service.
References
Link | Resource |
---|---|
https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01 | Third Party Advisory US Government Resource |
https://www.kb.cert.org/vuls/id/815128 | Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-12-11T22:56:22
Updated: 2020-12-11T22:56:22
Reserved: 2020-08-18T00:00:00
Link: CVE-2020-24383
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-12-11T23:15:14.213
Modified: 2023-10-12T18:31:10.153
Link: CVE-2020-24383
JSON object: View
Redhat Information
No data.
CWE