Main Vulnerability Database SB2018101110

SB2018101110 - Double Free in ldns (Alpine package)

Published: October 11, 2018

Security Bulletin ID SB2018101110

Severity

High

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Code execution

Description

This security bulletin contains information about 1 security vulnerability.

1) Double Free (CVE-ID: CVE-2017-1000231)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified impact and attack vectors.

Install update from vendor's website.