diff --git a/crates/trust-dns-proto/RUSTSEC-0000-0000.toml b/crates/trust-dns-proto/RUSTSEC-0000-0000.toml new file mode 100644 index 0000000..0be3107 --- /dev/null +++ b/crates/trust-dns-proto/RUSTSEC-0000-0000.toml @@ -0,0 +1,60 @@ +[advisory] +# Identifier for the advisory (mandatory). Will be assigned a "RUSTSEC-YYYY-NNNN" +# identifier e.g. RUSTSEC-2018-0001. Please use "RUSTSEC-0000-0000" in PRs. +id = "RUSTSEC-0000-0000" + +# Name of the affected crate (mandatory) +package = "trust-dns-proto" + +# Disclosure date of the advisory as an RFC 3339 date (mandatory) +date = "2017-10-09" + +# Single-line description of a vulnerability (mandatory) +title = "Stack overflow when parsing malicious DNS packet" + +# Enter a short-form description of the vulnerability here (mandatory) +description = """ +There's a stack overflow leading to a crash when Trust-DNS's parses a +malicious DNS packet. + +Affected versions of this crate did not properly handle parsing of DNS message +compression (RFC1035 section 4.1.4). The parser could be tricked into infinite +loop when a compression offset pointed back to the same domain name to be +parsed. + +This allows an attacker to craft a malicious DNS packet which when consumed +with Trust-DNS could cause stack overflow and crash the affected software. + +The flaw was corrected by trust-dns-proto 0.4.3 and upcoming 0.5.0 release. +""" + +# Versions which include fixes for this vulnerability (mandatory) +patched_versions = [">= 0.4.3", ">= 0.5.0-alpha.3" ] + +# Versions which were never vulnerable (optional) +#unaffected_versions = ["< 1.1.0"] + +# URL to a long-form description of this issue, e.g. a GitHub issue/PR, +# a change log entry, or a blogpost announcing the release (optional) +# url = "" + +# Keywords which describe this vulnerability, similar to Cargo (optional) +keywords = [ "stack-overflow", "crash" ] + +# Vulnerability aliases, e.g. CVE IDs (optional but recommended) +# Request a CVE for your RustSec vulns: https://iwantacve.org/ +#aliases = ["CVE-2018-XXXX"] + +# References to related vulnerabilities (optional) +# e.g. CVE for a C library wrapped by a -sys crate) +#references = ["CVE-2018-YYYY", "CVE-2018-ZZZZ"] + +# CPU architectures impacted by this vulnerability (optional) +# For a list of CPU architecture strings, see the "platforms" crate: +# +#affected_arch = ["x86", "x86_64"] + +# Operating systems impacted by this vulnerability (optional) +# For a list of OS strings, see the "platforms" crate: +# +#affected_os = ["windows"]