4.8 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): LOCAL
- Attack complexity (AC): LOW
- Privileges required (PR): LOW
- User interaction (UI): REQUIRED
- Scope (S): UNCHANGED
- Confidentiality impact (C): LOW
- Integrity impact (I): LOW
- Availability impact (A): LOW
Unbound: heap-buffer-overflow in unbound
A heap-buffer-overflow flaw was found in the cfg_mark_ports function within Unbound's config_file.c, which can lead to memory corruption. This issue could allow an attacker with local access to provide specially crafted input, potentially causing the application to crash or allowing arbitrary code execution. This could result in a denial of service or unauthorized actions on the system.
References
- RHBZ#2303462 issue-tracking x_refsource_REDHAT
- https://github.com/NLnetLabs/unbound/issues/1039
- https://github.com/NLnetLabs/unbound/pull/1040/files
- https://access.redhat.com/security/cve/CVE-2024-43168 x_refsource_REDHAT vdb-entry
- https://lists.debian.org/debian-lts-announce/2024/09/msg00046.html
Affected products
Matching in nixpkgs
pkgs.unbound
Validating, recursive, and caching DNS resolver
- nixos-unstable -
- nixpkgs-unstable 1.23.1
pkgs.unbound-full
Validating, recursive, and caching DNS resolver
- nixos-unstable -
- nixpkgs-unstable 1.23.1
pkgs.unbound-with-systemd
Validating, recursive, and caching DNS resolver
- nixos-unstable -
- nixpkgs-unstable 1.23.1
pkgs.luaPackages.luaunbound
A binding to libunbound
- nixos-unstable -
- nixpkgs-unstable 1.0.0-1
pkgs.lua51Packages.luaunbound
A binding to libunbound
- nixos-unstable -
- nixpkgs-unstable 1.0.0-1
pkgs.lua52Packages.luaunbound
A binding to libunbound
- nixos-unstable -
- nixpkgs-unstable 1.0.0-1
pkgs.lua53Packages.luaunbound
A binding to libunbound
- nixos-unstable -
- nixpkgs-unstable 1.0.0-1
pkgs.lua54Packages.luaunbound
A binding to libunbound
- nixos-unstable -
- nixpkgs-unstable 1.0.0-1
pkgs.luajitPackages.luaunbound
A binding to libunbound
- nixos-unstable -
- nixpkgs-unstable 1.0.0-1
pkgs.prometheus-unbound-exporter
Prometheus exporter for Unbound DNS resolver
- nixos-unstable -
- nixpkgs-unstable 0.4.6
pkgs.python312Packages.pyunbound
Python library for Unbound, the validating, recursive, and caching DNS resolver
- nixos-unstable -
- nixpkgs-unstable 1.23.1
pkgs.python313Packages.pyunbound
Python library for Unbound, the validating, recursive, and caching DNS resolver
- nixos-unstable -
- nixpkgs-unstable 1.23.1
pkgs.haskellPackages.unbound-generics
Support for programming with names and binders using GHC Generics
- nixos-unstable -
- nixpkgs-unstable 0.4.4
pkgs.haskellPackages.unbounded-delays
Unbounded thread delays and timeouts
- nixos-unstable -
- nixpkgs-unstable 0.1.1.1
pkgs.haskellPackages.unbound-kind-generics
Support for programming with names and binders using kind-generics
- nixos-unstable -
- nixpkgs-unstable 0.2.1.1
Package maintainers
- @mweinelt Martin Weinelt <hexa@darmstadt.ccc.de>
- @leenaars Michiel Leenaars <ml.software@leenaa.rs>
- @Scrumplex Sefa Eyeoglu <contact@scrumplex.net>