DescriptionAn issue was discovered in HCC Embedded NicheStack IPv4 4.1. The dnc_copy_in routine for parsing DNS domain names does not check whether a domain name compression pointer is pointing within the bounds of the packet (e.g., forward compression pointer jumps are allowed), which leads to an Out-of-bounds Read, and a Denial-of-Service as a consequence.
Overall state of this security issue: Does not affect SUSE products
This issue is currently not rated by SUSE as it is not affecting the SUSE Enterprise products.SUSE Bugzilla entry: 1190311 [RESOLVED / INVALID] No SUSE Security Announcements cross referenced.
SUSE Timeline for this CVECVE page created: Thu Aug 19 00:00:33 2021
CVE page last modified: Fri Oct 7 12:51:02 2022