OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-02-23 15:38:27 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
4b4a4d8d887ee85b5909c8a418f21d1cbfd7df87
advisory-db/crates/trust-dns-proto/RUSTSEC-2018-0007.md
Sergey "Shnatsel" Davidoff 40afced5fb Remove range overlaps, fix some range specifications (#930) 
* Drop some clearly redundant bounds

* Fix RUSTSEC-2020-0091 - the version specification was incorrect, marking 1.0.0 as fixed while in reality it was not

* Fix RUSTSEC-2018-0004: presumably any updates to 0.3.x series would also get the fix, it would not be isolated to 0.3.2

* Fix incorrectly defined, overlapping ranges in RUSTSEC-2020-0080 and RUSTSEC-2019-0035
2021-06-04 23:26:23 +02:00

814 B
Raw Blame History 

[advisory]
id = "RUSTSEC-2018-0007"
package = "trust-dns-proto"
aliases = ["CVE-2018-20994"]
date = "2018-10-09"
keywords = ["stack-overflow", "crash"]

[versions]
patched = [">= 0.4.3"]

Stack overflow when parsing malicious DNS packet

There's a stack overflow leading to a crash when Trust-DNS's parses a malicious DNS packet.

Affected versions of this crate did not properly handle parsing of DNS message compression (RFC1035 section 4.1.4). The parser could be tricked into infinite loop when a compression offset pointed back to the same domain name to be parsed.

This allows an attacker to craft a malicious DNS packet which when consumed with Trust-DNS could cause stack overflow and crash the affected software.

The flaw was corrected by trust-dns-proto 0.4.3 and upcoming 0.5.0 release.