RSS   Vulnerabilities for 'MUSL'   RSS

2017-10-19
 
CVE-2017-15650

 

 
musl libc before 1.1.17 has a buffer overflow via crafted DNS replies because dns_parse_callback in network/lookup_name.c does not restrict the number of addresses, and thus an attacker can provide an unexpected number by sending A records in a reply to an AAAA query.

 
2017-08-18
 
CVE-2015-1817

 

 
Stack-based buffer overflow in the inet_pton function in network/inet_pton.c in musl libc 0.9.15 through 1.0.4, and 1.1.0 through 1.1.7 allows attackers to have unspecified impact via unknown vectors.

 


Copyright 2024, cxsecurity.com

 

Back to Top