| Revision Date: | 2022-06-30 | Version: | 1 |
| Title: | CVE-2020-10030 |
| Description: |
An issue has been found in PowerDNS Recursor 4.1.0 up to and including 4.3.0. It allows an attacker (with enough privileges to change the system's hostname) to cause disclosure of uninitialized memory content via a stack-based out-of-bounds read. It only occurs on systems where gethostname() does not have '\0' termination of the returned string if the hostname is larger than the supplied buffer. (Linux systems are not affected because the buffer is always large enough. OpenBSD systems are not affected because the returned hostname always has '\0' termination.) Under some conditions, this issue can lead to the writing of one '\0' byte out-of-bounds on the stack, causing a denial of service or possibly arbitrary code execution.
|
| Family: | unix | Class: | vulnerability |
| Status: | | Reference(s): | CVE-2020-10030
openSUSE-SU-2020:0698-1
Mitre CVE-2020-10030
SUSE CVE-2020-10030
openSUSE-SU-2020:0698-1
|
| Platform(s): | openSUSE Leap 15.1
openSUSE Tumbleweed
SUSE Linux Enterprise High Performance Computing 12 SP1
SUSE Linux Enterprise High Performance Computing 15 SP1
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server 15 SP1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Linux Enterprise Storage 6
SUSE Manager Proxy 4.0
SUSE Manager Server 4.0
SUSE Package Hub for SUSE Linux Enterprise 12 SP1
SUSE Package Hub for SUSE Linux Enterprise 15 SP1
| Product(s): | |
| Definition Synopsis |
| SUSE Package Hub for SUSE Linux Enterprise 12 SP1 is installed AND pdns-recursor-4.1.16-19 is installed
|
| Definition Synopsis |
| openSUSE Leap 15.1 is installed
AND Package Information
pdns-recursor-4.1.12-lp151.3.3 is installed
AND pdns-recursor is signed with openSUSE key
|
| Definition Synopsis |
| openSUSE Tumbleweed is installed
AND pdns-recursor-4.5.5-1.3 is installed
|
| Definition Synopsis |
| SUSE Package Hub for SUSE Linux Enterprise 15 SP1 is installed
AND pdns-recursor-4.1.12-bp151.4.3.1 is installed
|
| Definition Synopsis |
| SUSE Package Hub for SUSE Linux Enterprise 12 SP1 is installed
AND pdns-recursor-4.1.16-19.1 is installed
|