CVE-2020-19861

Published: 21 January 2022

When a zone file in ldns 1.7.1 is parsed, the function ldns_nsec3_salt_data is too trusted for the length value obtained from the zone file. When the memcpy is copied, the 0xfe - ldns_rdf_size(salt_rdf) byte data can be copied, causing heap overflow information leakage.

Priority

CVSS 3 base score: 7.5

Status

Package	Release	Status
ldns Launchpad, Ubuntu, Debian	bionic	Released (1.7.0-3ubuntu4.1)
	focal	Released (1.7.0-4.1ubuntu1+esm1)
	impish	Ignored (reached end-of-life)
	jammy	Released (1.7.1-2ubuntu4+esm1)
	kinetic	Needed
	trusty	Ignored (out of standard support)
	upstream	Released (1.8.0)
	xenial	Released (1.6.17-8ubuntu0.1+esm1)

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-19861
https://github.com/NLnetLabs/ldns/issues/51
https://github.com/NLnetLabs/ldns/commit/136ec420437041fe13f344a2053e774f9050cc38
https://ubuntu.com/security/notices/USN-5257-1
https://ubuntu.com/security/notices/USN-5257-2
NVD
Launchpad
Debian

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Security

CVE-2020-19861

Medium

Status

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Further reading