VDB
CVE-2020-19861
CVE-2020-19861
PUBLISHED
When a zone file in ldns 1.7.1 is parsed, the function ldns_nsec3_salt_data is too trusted for the length value obtained from the zone file. When the memcpy is copied, the 0xfe - ldns_rdf_size(salt_rdf) byte data can be copied, causing heap overflow information leakage.
EPSS 0.33% · 56.4th percentile
Risk Scores
EPSS Score
0.33%
56.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:18.04:LTS | ldns | 0, 1.7.0-3ubuntu4, 1.7.0-3ubuntu2 |
| Ubuntu:Pro:20.04:LTS | ldns | 0, 1.7.0-3ubuntu8, 1.7.0-4 |
| Ubuntu:Pro:22.04:LTS | ldns | 1.7.1-2build1, 1.7.1-2ubuntu1, 1.7.1-2ubuntu3 |
| Ubuntu:Pro:16.04:LTS | ldns | 0, 1.6.17-8ubuntu0.1, 1.6.17-8 |
Exploit Intelligence
- CIRCL seen: CVE-2020-19861 (circl-sighting)
- https://github.com/NLnetLabs/ldns/issues/51 (circl)
- https://cwe.mitre.org/data/definitions/126.html (circl)
Timeline
- Jan 21, 2022 CVE Published
- Jan 21, 2022 PoC Published
- Jan 22, 2022 EPSS Score
- Mar 16, 2022 EPSS Score
- May 8, 2022 EPSS Score
- Jun 30, 2022 EPSS Score
- Aug 23, 2022 EPSS Score
- Oct 15, 2022 EPSS Score
- Dec 7, 2022 EPSS Score
- Jan 29, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 23, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2020-19861 third-party-advisory
- https://github.com/NLnetLabs/ldns/issues/51 third-party-advisory
- https://github.com/NLnetLabs/ldns/commit/136ec420437041fe13f344a2053e774f9050cc38 third-party-advisory
- https://ubuntu.com/security/notices/USN-5257-1 vendor-advisory
- https://ubuntu.com/security/notices/USN-5257-2 vendor-advisory
- https://www.cve.org/CVERecord?id=CVE-2020-19861 third-party-advisory