FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

unbound -- parsing vulnerability

Affected packages
1.7.1	<=	unbound	<	1.9.4

Details

VuXML ID	108a4be3-e612-11e9-9963-5f1753e0aca0
Discovery	2019-10-03
Entry	2019-10-03

Unbound Security Advisories:

Due to an error in parsing NOTIFY queries, it is possible for Unbound to continue processing malformed queries and may ultimately result in a pointer dereference in uninitialized memory. This results in a crash of the Unbound daemon.

[source]

References

CVE Name	CVE-2019-16866
URL	https://www.nlnetlabs.nl/projects/unbound/security-advisories/#vulnerability-in-parsing-notify-queries