CVE-2017-15650 - Vulnerability Details - OpenCVE

Description

musl libc before 1.1.17 has a buffer overflow via crafted DNS replies because dns_parse_callback in network/lookup_name.c does not restrict the number of addresses, and thus an attacker can provide an unexpected number by sending A records in a reply to an AAAA query.

Published: 2017-10-19

Score: 7.5 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

n/a

affected

Version	Status	Constraints
`n/a`	affected	—

Configuration 1 [-]

cpe:2.3:a:musl-libc:musl:*:*:*:*:*:*:*:*

No data.

No data available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2017-7101	musl libc before 1.1.17 has a buffer overflow via crafted DNS replies because dns_parse_callback in network/lookup_name.c does not restrict the number of addresses, and thus an attacker can provide an unexpected number by sending A records in a reply to an AAAA query.
Ubuntu USN	USN-4768-1	musl vulnerabilities

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.0063.

Key SSVC decision points have not yet been added.

References

Link	Providers
http://git.musl-libc.org/cgit/musl/commit/?id=45ca5d3fcb6f874bf5ba55d0e9651cef68515395
http://git.musl-libc.org/cgit/musl/tree/WHATSNEW
http://openwall.com/lists/oss-security/2017/10/19/5

History

No history.

Subscriptions

Musl-libc Musl

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2017-10-19T23:00:00.000Z

Updated: 2024-08-05T19:57:27.531Z

Reserved: 2017-10-19T00:00:00.000Z

Link: CVE-2017-15650

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2017-10-19T23:29:00.407

Modified: 2025-04-20T01:37:25.860

Link: CVE-2017-15650

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-119

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-10-19T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "musl libc before 1.1.17 has a buffer overflow via crafted DNS replies because dns_parse_callback in network/lookup_name.c does not restrict the number of addresses, and thus an attacker can provide an unexpected number by sending A records in a reply to an AAAA query."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-10-19T23:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://git.musl-libc.org/cgit/musl/commit/?id=45ca5d3fcb6f874bf5ba55d0e9651cef68515395"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.musl-libc.org/cgit/musl/tree/WHATSNEW"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://openwall.com/lists/oss-security/2017/10/19/5"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-15650", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "musl libc before 1.1.17 has a buffer overflow via crafted DNS replies because dns_parse_callback in network/lookup_name.c does not restrict the number of addresses, and thus an attacker can provide an unexpected number by sending A records in a reply to an AAAA query."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://git.musl-libc.org/cgit/musl/commit/?id=45ca5d3fcb6f874bf5ba55d0e9651cef68515395", "refsource": "CONFIRM", "url": "http://git.musl-libc.org/cgit/musl/commit/?id=45ca5d3fcb6f874bf5ba55d0e9651cef68515395"}, {"name": "http://git.musl-libc.org/cgit/musl/tree/WHATSNEW", "refsource": "CONFIRM", "url": "http://git.musl-libc.org/cgit/musl/tree/WHATSNEW"}, {"name": "http://openwall.com/lists/oss-security/2017/10/19/5", "refsource": "CONFIRM", "url": "http://openwall.com/lists/oss-security/2017/10/19/5"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T19:57:27.531Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.musl-libc.org/cgit/musl/commit/?id=45ca5d3fcb6f874bf5ba55d0e9651cef68515395"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.musl-libc.org/cgit/musl/tree/WHATSNEW"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2017/10/19/5"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-15650", "datePublished": "2017-10-19T23:00:00.000Z", "dateReserved": "2017-10-19T00:00:00.000Z", "dateUpdated": "2024-08-05T19:57:27.531Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:musl-libc:musl:*:*:*:*:*:*:*:*", "matchCriteriaId": "34F11B91-B1D7-4E6F-B275-FBF4E04AA7FC", "versionEndIncluding": "1.1.6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "musl libc before 1.1.17 has a buffer overflow via crafted DNS replies because dns_parse_callback in network/lookup_name.c does not restrict the number of addresses, and thus an attacker can provide an unexpected number by sending A records in a reply to an AAAA query."}, {"lang": "es", "value": "musl libc, en versiones anteriores a la 1.1.17, tiene un desbordamiento de b\u00fafer mediante respuestas DNS manipuladas, debido a que dns_parse_callback en network/lookup_name.c no restringe el n\u00famero de direcciones y, por lo tanto, un atacante puede proporcionar un n\u00famero inesperado enviando registros A en una respuesta a una consulta AAAA."}], "id": "CVE-2017-15650", "lastModified": "2025-04-20T01:37:25.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-10-19T23:29:00.407", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://git.musl-libc.org/cgit/musl/commit/?id=45ca5d3fcb6f874bf5ba55d0e9651cef68515395"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://git.musl-libc.org/cgit/musl/tree/WHATSNEW"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Mitigation", "Third Party Advisory"], "url": "http://openwall.com/lists/oss-security/2017/10/19/5"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://git.musl-libc.org/cgit/musl/commit/?id=45ca5d3fcb6f874bf5ba55d0e9651cef68515395"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://git.musl-libc.org/cgit/musl/tree/WHATSNEW"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Mitigation", "Third Party Advisory"], "url": "http://openwall.com/lists/oss-security/2017/10/19/5"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}