Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple stack-based buffer overflows in the __dn_expand function in network/dn_expand.c in musl libc 1.1x before 1.1.2 and 0.9.13 through 1.0.3 allow remote attackers to (1) have unspecified impact via an invalid name length in a DNS response or (2) cause a denial of service (crash) via an invalid name length in a DNS response, related to an infinite loop with no output.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
musl libc 缓冲区错误漏洞
Vulnerability Description
musl libc是一款开源的C语言标准库。主要用于嵌入式系统与移动设备等。 musl libc 1.1.2之前的1.1x版本和0.9.13至1.0.3版本中的network/dn_expand.c文件中的‘the __dn_expand’函数存在缓冲区错误漏洞。远程攻击者(1)通过DNS响应中无效的名称长度产生未知影响 或(2)通过DNS响应中无效的名称长度导致拒绝服务(崩溃),这与无输出的无限循环有关。
CVSS Information
N/A
Vulnerability Type
N/A