CVE-2017-15120 in Ubuntu

CVE-2017-15120

Priority

Description

An issue has been found in the parsing of authoritative answers in PowerDNS
Recursor before 4.0.8, leading to a NULL pointer dereference when parsing a
specially crafted answer containing a CNAME of a different class than IN.
An unauthenticated remote attacker could cause a denial of service.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15120
https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2017-08.html

Notes

Package

Source: pdns-recursor (LP Ubuntu Debian)

Upstream:	released (4.1.0-1)
Ubuntu 18.04 LTS:	not-affected (4.1.1-2)
Ubuntu 20.04 LTS:	not-affected (4.1.1-2)
Ubuntu 21.10:	not-affected (4.1.1-2)
Ubuntu 22.04 LTS:	not-affected (4.1.1-2)
Ubuntu 14.04 ESM:	DNE (trusty was not-affected [code not present])

Patches:

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2022-04-25 00:19:37 UTC (commit ecc1009cb19540b950de59270950018900f37f15)