CVE-2017-14339

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-14339

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-14339.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2017-14339

Downstream

DEBIAN-CVE-2017-14339

DSA-4001-1

UBUNTU-CVE-2017-14339

Published

2017-09-20T16:29:00Z

Modified

2025-10-15T08:47:06.713743Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

The DNS packet parser in YADIFA before 2.2.6 does not check for the presence of infinite pointer loops, and thus it is possible to force it to enter an infinite loop. This can cause high CPU usage and makes the server unresponsive.

References

Affected packages

Git / github.com/yadifa/yadifa

Affected ranges

Type: GIT
Repo: https://github.com/yadifa/yadifa
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

62c5a825ff2beaa63080ce5045a2b5c5c5c867e9

Affected versions

v1.*

v1.0.0

v1.0.1

v1.0.2

v1.0.3

v1.0.4

v2.*

v2.0.0

v2.0.4

v2.0.5

v2.0.6

v2.1.0

v2.1.1

v2.1.2

v2.1.3

v2.1.4

v2.1.5

v2.1.6

v2.2.0

v2.2.1

v2.2.2

v2.2.3

v2.2.5