UBUNTU-CVE-2017-14339

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2017-14339

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2017/UBUNTU-CVE-2017-14339.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2017-14339

Related

CVE-2017-14339

Published

2017-09-20T16:29:00Z

Modified

2025-01-13T10:21:26Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

The DNS packet parser in YADIFA before 2.2.6 does not check for the presence of infinite pointer loops, and thus it is possible to force it to enter an infinite loop. This can cause high CPU usage and makes the server unresponsive.

References

Affected packages

Ubuntu:Pro:16.04:LTS / yadifa

Package

Name: yadifa
Purl: pkg:deb/ubuntu/yadifa@2.1.6-1?arch=source&distro=esm-apps/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.1.3-2

2.1.4-1

2.1.4-2

2.1.6-1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:18.04:LTS / yadifa

Package

Name: yadifa
Purl: pkg:deb/ubuntu/yadifa@2.3.7-1build1?arch=source&distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.3.7-1build1

Affected versions

2.*

2.2.5-1

2.2.6-1

2.3.7-1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "2.3.7-1build1",
            "binary_name": "libyadifa-dev"
        },
        {
            "binary_version": "2.3.7-1build1",
            "binary_name": "yadifa"
        },
        {
            "binary_version": "2.3.7-1build1",
            "binary_name": "yadifa-dbgsym"
        }
    ]
}