CVE-2017-14339

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-14339

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-14339.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2017-14339

Related

Published

2017-09-20T16:29:00Z

Modified

2025-03-10T17:45:33.095769Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

The DNS packet parser in YADIFA before 2.2.6 does not check for the presence of infinite pointer loops, and thus it is possible to force it to enter an infinite loop. This can cause high CPU usage and makes the server unresponsive.

References

Affected packages

Debian:11 / yadifa

Package

Name: yadifa
Purl: pkg:deb/debian/yadifa?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.6-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / yadifa

Package

Name: yadifa
Purl: pkg:deb/debian/yadifa?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.6-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/yadifa/yadifa

Affected ranges

Type: GIT
Repo: https://github.com/yadifa/yadifa
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

62c5a825ff2beaa63080ce5045a2b5c5c5c867e9

Affected versions

v1.*

v1.0.0

v1.0.1

v1.0.2

v1.0.3

v1.0.4

v2.*

v2.0.0

v2.0.4

v2.0.5

v2.0.6

v2.1.0

v2.1.1

v2.1.2

v2.1.3

v2.1.4

v2.1.5

v2.1.6

v2.2.0

v2.2.1

v2.2.2

v2.2.3

v2.2.5