An exploitable denial-of-service vulnerability exists in the resource allocation handling of Videolabs libmicrodns 0.1.0. When encountering errors while parsing mDNS messages, some allocated data is not freed, possibly leading to a denial-of-service condition via resource exhaustion. An attacker can send one mDNS message repeatedly to trigger this vulnerability through decoding of the domain name performed by rr_decode.
References
Link | Resource |
---|---|
https://security.gentoo.org/glsa/202005-10 | Third Party Advisory |
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1002 | Exploit Technical Description Third Party Advisory |
https://www.debian.org/security/2020/dsa-4671 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: talos
Published: 2020-03-24T20:49:46
Updated: 2022-04-19T17:35:38
Reserved: 2020-01-07T00:00:00
Link: CVE-2020-6079
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-03-24T21:15:14.427
Modified: 2022-04-22T19:05:55.560
Link: CVE-2020-6079
JSON object: View
Redhat Information
No data.
CWE