CVE-2016-2224

CVE-2016-2224

EPSS 2.8%

The __decode_dotted function in libc/inet/resolv.c in uClibc-ng before 1.0.12 allows remote DNS servers to cause a denial of service (infinite loop) via vectors involving compressed items in a reply.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://repo.or.cz/uclibc-ng.git/commit/d9c3a16dcab57d6b56225b9a67e9119cc9e2e4ac https://security-tracker.debian.org/tracker/CVE-2016-2224 http://www.openwall.com/lists/oss-security/2016/02/05/2 http://www.openwall.com/lists/oss-security/2016/02/05/3 http://www.securityfocus.com/bid/82903