Bug 1964072 (CVE-2021-23386) - CVE-2021-23386 dns-packet: does not always fill buffers before forming network packets which couls result in Remote Memory Exposure
Summary: CVE-2021-23386 dns-packet: does not always fill buffers before forming networ...
Keywords:
Status: CLOSED WONTFIX
Alias: CVE-2021-23386
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1966190 1964155 1964156 1966181 1966182 1966183 1966184 1966185 1966186 1966187 1966188 1966189
Blocks: 1964076
TreeView+ depends on / blocked
 
Reported: 2021-05-24 16:31 UTC by Michael Kaplan
Modified: 2023-09-01 00:09 UTC (History)
29 users (show)

Fixed In Version: dns-packet 5.2.2
Doc Type: If docs needed, set a value
Doc Text:
Remote memory exposure vulnerability was found in nodejs dns-packet library. The buffers (created with `allocUnsafe`) are not always filled before forming the network packets and an attacker can use this vulnerability to potentially get access to internal application memory over non encrypted networks when querying crafted invalid domain names.
Clone Of:
Environment:
Last Closed: 2021-10-28 08:54:10 UTC
Embargoed:

Attachments (Terms of Use)

Description Michael Kaplan 2021-05-24 16:31:28 UTC 
This affects the package dns-packet before 5.2.2. It creates buffers with allocUnsafe and does not always fill them before forming network packets. This can expose internal application memory over unencrypted network when querying crafted invalid domain names.
Comment 1 Przemyslaw Roguski 2021-05-24 20:04:35 UTC 
Upstream Fix:
https://github.com/mafintosh/dns-packet/commit/25f15dd0fedc53688b25fd053ebbdffe3d5c1c56
Note You need to log in before you can comment on or make changes to this bug.