Bug 1964072 (CVE-2021-23386) - CVE-2021-23386 dns-packet: does not always fill buffers before forming network packets which could result in Remote Memory Exposure
Summary: CVE-2021-23386 dns-packet: does not always fill buffers before forming networ...
Keywords:
Status: CLOSED WONTFIX
Alias: CVE-2021-23386
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1964155 1964156 1966181 1966182 1966183 1966184 1966185 1966186 1966187 1966188 1966189 1966190
Blocks: 1964076
Reported: 2021-05-24 16:31 UTC by Michael Kaplan
Modified: 2023-09-01 00:09 UTC

Fixed In Version: dns-packet 5.2.2
Clone Of:
Environment:
Last Closed: 2021-10-28 08:54:10 UTC
Embargoed:



Description Michael Kaplan 2021-05-24 16:31:28 UTC
This affects the package dns-packet before 5.2.2. It creates buffers with allocUnsafe and does not always fill them before forming network packets. This can expose internal application memory over an unencrypted network when querying crafted invalid domain names.
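
The failure mode described above, as an added illustration that is not dns-packet's code: a hypothetical encoder whose size estimate (`estimateLength`) counts empty labels that its writer (`writeName`) skips, shown beside a hardened form. `stalePool` is a constructed stand-in for the stale memory `Buffer.allocUnsafe` can return, so the result is deterministic.

```javascript
'use strict';

// Hypothetical size estimate: one length byte per label, the label bytes,
// and a root terminator. It counts every character, including empty labels.
function estimateLength(name) {
  return Buffer.byteLength(name) + 2;
}

// Writes length-prefixed labels and returns the number of bytes written.
// Empty labels ("a..b") are skipped, so fewer bytes may be written than estimated.
function writeName(name, buf) {
  let offset = 0;
  for (const label of name.split('.')) {
    if (label.length === 0) continue;
    const len = buf.write(label, offset + 1);
    buf[offset] = len;
    offset += len + 1;
  }
  buf[offset++] = 0; // root label terminator
  return offset;
}

// Weak form: uninitialized allocation, and the whole buffer is sent.
function encodeUnsafe(name, alloc = Buffer.allocUnsafe) {
  const buf = alloc(estimateLength(name));
  writeName(name, buf);
  return buf;
}

// Hardened form: zero-filled allocation, and only the written bytes are sent.
function encodeSafe(name) {
  const buf = Buffer.alloc(estimateLength(name));
  const written = writeName(name, buf);
  return buf.subarray(0, written);
}

// Constructed stand-in for reused pool memory: every byte is 'S' (0x53).
const stalePool = (n) => Buffer.alloc(n, 'S');

// Returns the bytes the weak encoder would send that it never wrote.
function leakedTail(name) {
  const wire = encodeUnsafe(name, stalePool);
  return wire.subarray(encodeSafe(name).length).toString('latin1');
}

console.log(JSON.stringify(leakedTail('example.com'))); // well-formed name
console.log(JSON.stringify(leakedTail('a....b')));      // constructed invalid name
```

A packet encoder can guard against this class of bug by checking that the bytes written equal the bytes allocated before anything is handed to the socket.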

