Candidate: CVE-2017-9105
PublicDate: 2020-06-18 14:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9105
 http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=adns.git;a=commit;h=17afb298d90c5aafed76bd3855a5fe7dcd58594c
Description:
 An issue was discovered in adns before 1.5.2. It corrupts a pointer when a
 nameserver speaks first because of a wrong number of pointer dereferences.
 This bug may well be exploitable as a remote code execution.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H [8.8 HIGH]


Patches_adns:
upstream_adns: needs-triage
precise/esm_adns: DNE
trusty_adns: ignored (out of standard support)
trusty/esm_adns: DNE
xenial_adns: ignored (end of standard support, was needed)
bionic_adns: needed
eoan_adns: ignored (reached end-of-life)
focal_adns: needed
groovy_adns: not-affected (1.6.0-2)
hirsute_adns: not-affected (1.6.0-2)
impish_adns: not-affected (1.6.0-2)
jammy_adns: not-affected (1.6.0-2)
devel_adns: not-affected (1.6.0-2)