CVE-2020-28935

Source
https://nvd.nist.gov/vuln/detail/CVE-2020-28935
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-28935.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-28935
Related
Published
2020-12-07T22:15:20Z
Modified
2024-10-12T06:31:58.813376Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
[none]
Details

NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that allows a local symlink attack. When writing the PID file, Unbound and NSD create the file if it does not exist, or open an existing file for writing. If the file was already present, they would follow symlinks if the file happened to be a symlink instead of a regular file. An additional chown of the file would then take place after it was written, making the user Unbound/NSD is supposed to run as the new owner of the file. If an attacker has local access to the user Unbound/NSD runs as, she could create a symlink in place of the PID file pointing to a file she would like to erase. If Unbound/NSD is then killed and the PID file is not cleared, upon restarting with root privileges Unbound/NSD will rewrite any file pointed at by the symlink. This is a local vulnerability that could create a Denial of Service of the system Unbound/NSD is running on. It requires an attacker with access to the limited-permission user Unbound/NSD runs as, and pointing the symlink at a critical file on the system.

References

Affected packages

Alpine:v3.12 / nsd

Package

Name
nsd
Purl
pkg:apk/alpine/nsd?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 Unknown introduced version / All previous versions are affected
Fixed
4.3.4-r0

Affected versions

3.*

3.2.7-r0
3.2.7-r1
3.2.8-r0
3.2.9-r0
3.2.10-r0
3.2.12-r0
3.2.13-r0
3.2.14-r0
3.2.15-r0
3.2.16-r0
3.2.16-r1
3.2.16-r2

4.*

4.0.0-r0
4.0.0-r1
4.0.1-r0
4.0.1-r1
4.0.2-r0
4.0.3-r0
4.0.3-r1
4.1.0-r0
4.1.1-r0
4.1.1-r1
4.1.2-r0
4.1.3-r0
4.1.4-r0
4.1.6-r0
4.1.7-r0
4.1.7-r1
4.1.8-r0
4.1.9-r0
4.1.9-r1
4.1.10-r1
4.1.11-r0
4.1.13-r0
4.1.13-r1
4.1.14-r0
4.1.14-r1
4.1.15-r0
4.1.15-r1
4.1.15-r2
4.1.16-r0
4.1.16-r1
4.1.19-r0
4.1.20-r0
4.1.20-r1
4.1.21-r0
4.1.22-r0
4.1.23-r0
4.1.24-r0
4.1.24-r1
4.1.26-r0
4.1.27-r0
4.2.0-r0
4.2.1-r0
4.2.2-r0
4.2.2-r1
4.2.3-r0
4.2.3-r1
4.2.3-r2
4.2.3-r3
4.2.3-r4
4.2.4-r0
4.2.4-r1
4.3.0-r0
4.3.1-r0

Alpine:v3.13 / nsd

Package

Name
nsd
Purl
pkg:apk/alpine/nsd?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 Unknown introduced version / All previous versions are affected
Fixed
4.3.4-r0

Affected versions

3.*

3.2.7-r0
3.2.7-r1
3.2.8-r0
3.2.9-r0
3.2.10-r0
3.2.12-r0
3.2.13-r0
3.2.14-r0
3.2.15-r0
3.2.16-r0
3.2.16-r1
3.2.16-r2

4.*

4.0.0-r0
4.0.0-r1
4.0.1-r0
4.0.1-r1
4.0.2-r0
4.0.3-r0
4.0.3-r1
4.1.0-r0
4.1.1-r0
4.1.1-r1
4.1.2-r0
4.1.3-r0
4.1.4-r0
4.1.6-r0
4.1.7-r0
4.1.7-r1
4.1.8-r0
4.1.9-r0
4.1.9-r1
4.1.10-r1
4.1.11-r0
4.1.13-r0
4.1.13-r1
4.1.14-r0
4.1.14-r1
4.1.15-r0
4.1.15-r1
4.1.15-r2
4.1.16-r0
4.1.16-r1
4.1.19-r0
4.1.20-r0
4.1.20-r1
4.1.21-r0
4.1.22-r0
4.1.23-r0
4.1.24-r0
4.1.24-r1
4.1.26-r0
4.1.27-r0
4.2.0-r0
4.2.1-r0
4.2.2-r0
4.2.2-r1
4.2.3-r0
4.2.3-r1
4.2.3-r2
4.2.3-r3
4.2.3-r4
4.2.4-r0
4.2.4-r1
4.3.0-r0
4.3.1-r0
4.3.2-r0
4.3.3-r0

Alpine:v3.14 / nsd

Package

Name
nsd
Purl
pkg:apk/alpine/nsd?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 Unknown introduced version / All previous versions are affected
Fixed
4.3.4-r0

Affected versions

3.*

3.2.7-r0
3.2.7-r1
3.2.8-r0
3.2.9-r0
3.2.10-r0
3.2.12-r0
3.2.13-r0
3.2.14-r0
3.2.15-r0
3.2.16-r0
3.2.16-r1
3.2.16-r2

4.*

4.0.0-r0
4.0.0-r1
4.0.1-r0
4.0.1-r1
4.0.2-r0
4.0.3-r0
4.0.3-r1
4.1.0-r0
4.1.1-r0
4.1.1-r1
4.1.2-r0
4.1.3-r0
4.1.4-r0
4.1.6-r0
4.1.7-r0
4.1.7-r1
4.1.8-r0
4.1.9-r0
4.1.9-r1
4.1.10-r1
4.1.11-r0
4.1.13-r0
4.1.13-r1
4.1.14-r0
4.1.14-r1
4.1.15-r0
4.1.15-r1
4.1.15-r2
4.1.16-r0
4.1.16-r1
4.1.19-r0
4.1.20-r0
4.1.20-r1
4.1.21-r0
4.1.22-r0
4.1.23-r0
4.1.24-r0
4.1.24-r1
4.1.26-r0
4.1.27-r0
4.2.0-r0
4.2.1-r0
4.2.2-r0
4.2.2-r1
4.2.3-r0
4.2.3-r1
4.2.3-r2
4.2.3-r3
4.2.3-r4
4.2.4-r0
4.2.4-r1
4.3.0-r0
4.3.1-r0
4.3.2-r0
4.3.3-r0

Alpine:v3.15 / nsd

Package

Name
nsd
Purl
pkg:apk/alpine/nsd?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 Unknown introduced version / All previous versions are affected
Fixed
4.3.4-r0

Affected versions

3.*

3.2.7-r0
3.2.7-r1
3.2.8-r0
3.2.9-r0
3.2.10-r0
3.2.12-r0
3.2.13-r0
3.2.14-r0
3.2.15-r0
3.2.16-r0
3.2.16-r1
3.2.16-r2

4.*

4.0.0-r0
4.0.0-r1
4.0.1-r0
4.0.1-r1
4.0.2-r0
4.0.3-r0
4.0.3-r1
4.1.0-r0
4.1.1-r0
4.1.1-r1
4.1.2-r0
4.1.3-r0
4.1.4-r0
4.1.6-r0
4.1.7-r0
4.1.7-r1
4.1.8-r0
4.1.9-r0
4.1.9-r1
4.1.10-r1
4.1.11-r0
4.1.13-r0
4.1.13-r1
4.1.14-r0
4.1.14-r1
4.1.15-r0
4.1.15-r1
4.1.15-r2
4.1.16-r0
4.1.16-r1
4.1.19-r0
4.1.20-r0
4.1.20-r1
4.1.21-r0
4.1.22-r0
4.1.23-r0
4.1.24-r0
4.1.24-r1
4.1.26-r0
4.1.27-r0
4.2.0-r0
4.2.1-r0
4.2.2-r0
4.2.2-r1
4.2.3-r0
4.2.3-r1
4.2.3-r2
4.2.3-r3
4.2.3-r4
4.2.4-r0
4.2.4-r1
4.3.0-r0
4.3.1-r0
4.3.2-r0
4.3.3-r0

Alpine:v3.16 / nsd

Package

Name
nsd
Purl
pkg:apk/alpine/nsd?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 Unknown introduced version / All previous versions are affected
Fixed
4.3.4-r0

Affected versions

3.*

3.2.7-r0
3.2.7-r1
3.2.8-r0
3.2.9-r0
3.2.10-r0
3.2.12-r0
3.2.13-r0
3.2.14-r0
3.2.15-r0
3.2.16-r0
3.2.16-r1
3.2.16-r2

4.*

4.0.0-r0
4.0.0-r1
4.0.1-r0
4.0.1-r1
4.0.2-r0
4.0.3-r0
4.0.3-r1
4.1.0-r0
4.1.1-r0
4.1.1-r1
4.1.2-r0
4.1.3-r0
4.1.4-r0
4.1.6-r0
4.1.7-r0
4.1.7-r1
4.1.8-r0
4.1.9-r0
4.1.9-r1
4.1.10-r1
4.1.11-r0
4.1.13-r0
4.1.13-r1
4.1.14-r0
4.1.14-r1
4.1.15-r0
4.1.15-r1
4.1.15-r2
4.1.16-r0
4.1.16-r1
4.1.19-r0
4.1.20-r0
4.1.20-r1
4.1.21-r0
4.1.22-r0
4.1.23-r0
4.1.24-r0
4.1.24-r1
4.1.26-r0
4.1.27-r0
4.2.0-r0
4.2.1-r0
4.2.2-r0
4.2.2-r1
4.2.3-r0
4.2.3-r1
4.2.3-r2
4.2.3-r3
4.2.3-r4
4.2.4-r0
4.2.4-r1
4.3.0-r0
4.3.1-r0
4.3.2-r0
4.3.3-r0

Alpine:v3.17 / nsd

Package

Name
nsd
Purl
pkg:apk/alpine/nsd?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 Unknown introduced version / All previous versions are affected
Fixed
4.3.4-r0

Affected versions

3.*

3.2.7-r0
3.2.7-r1
3.2.8-r0
3.2.9-r0
3.2.10-r0
3.2.12-r0
3.2.13-r0
3.2.14-r0
3.2.15-r0
3.2.16-r0
3.2.16-r1
3.2.16-r2

4.*

4.0.0-r0
4.0.0-r1
4.0.1-r0
4.0.1-r1
4.0.2-r0
4.0.3-r0
4.0.3-r1
4.1.0-r0
4.1.1-r0
4.1.1-r1
4.1.2-r0
4.1.3-r0
4.1.4-r0
4.1.6-r0
4.1.7-r0
4.1.7-r1
4.1.8-r0
4.1.9-r0
4.1.9-r1
4.1.10-r1
4.1.11-r0
4.1.13-r0
4.1.13-r1
4.1.14-r0
4.1.14-r1
4.1.15-r0
4.1.15-r1
4.1.15-r2
4.1.16-r0
4.1.16-r1
4.1.19-r0
4.1.20-r0
4.1.20-r1
4.1.21-r0
4.1.22-r0
4.1.23-r0
4.1.24-r0
4.1.24-r1
4.1.26-r0
4.1.27-r0
4.2.0-r0
4.2.1-r0
4.2.2-r0
4.2.2-r1
4.2.3-r0
4.2.3-r1
4.2.3-r2
4.2.3-r3
4.2.3-r4
4.2.4-r0
4.2.4-r1
4.3.0-r0
4.3.1-r0
4.3.2-r0
4.3.3-r0

Alpine:v3.18 / nsd

Package

Name
nsd
Purl
pkg:apk/alpine/nsd?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 Unknown introduced version / All previous versions are affected
Fixed
4.3.4-r0

Affected versions

3.*

3.2.7-r0
3.2.7-r1
3.2.8-r0
3.2.9-r0
3.2.10-r0
3.2.12-r0
3.2.13-r0
3.2.14-r0
3.2.15-r0
3.2.16-r0
3.2.16-r1
3.2.16-r2

4.*

4.0.0-r0
4.0.0-r1
4.0.1-r0
4.0.1-r1
4.0.2-r0
4.0.3-r0
4.0.3-r1
4.1.0-r0
4.1.1-r0
4.1.1-r1
4.1.2-r0
4.1.3-r0
4.1.4-r0
4.1.6-r0
4.1.7-r0
4.1.7-r1
4.1.8-r0
4.1.9-r0
4.1.9-r1
4.1.10-r1
4.1.11-r0
4.1.13-r0
4.1.13-r1
4.1.14-r0
4.1.14-r1
4.1.15-r0
4.1.15-r1
4.1.15-r2
4.1.16-r0
4.1.16-r1
4.1.19-r0
4.1.20-r0
4.1.20-r1
4.1.21-r0
4.1.22-r0
4.1.23-r0
4.1.24-r0
4.1.24-r1
4.1.26-r0
4.1.27-r0
4.2.0-r0
4.2.1-r0
4.2.2-r0
4.2.2-r1
4.2.3-r0
4.2.3-r1
4.2.3-r2
4.2.3-r3
4.2.3-r4
4.2.4-r0
4.2.4-r1
4.3.0-r0
4.3.1-r0
4.3.2-r0
4.3.3-r0

Alpine:v3.19 / nsd

Package

Name
nsd
Purl
pkg:apk/alpine/nsd?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 Unknown introduced version / All previous versions are affected
Fixed
4.3.4-r0

Affected versions

3.*

3.2.7-r0
3.2.7-r1
3.2.8-r0
3.2.9-r0
3.2.10-r0
3.2.12-r0
3.2.13-r0
3.2.14-r0
3.2.15-r0
3.2.16-r0
3.2.16-r1
3.2.16-r2

4.*

4.0.0-r0
4.0.0-r1
4.0.1-r0
4.0.1-r1
4.0.2-r0
4.0.3-r0
4.0.3-r1
4.1.0-r0
4.1.1-r0
4.1.1-r1
4.1.2-r0
4.1.3-r0
4.1.4-r0
4.1.6-r0
4.1.7-r0
4.1.7-r1
4.1.8-r0
4.1.9-r0
4.1.9-r1
4.1.10-r1
4.1.11-r0
4.1.13-r0
4.1.13-r1
4.1.14-r0
4.1.14-r1
4.1.15-r0
4.1.15-r1
4.1.15-r2
4.1.16-r0
4.1.16-r1
4.1.19-r0
4.1.20-r0
4.1.20-r1
4.1.21-r0
4.1.22-r0
4.1.23-r0
4.1.24-r0
4.1.24-r1
4.1.26-r0
4.1.27-r0
4.2.0-r0
4.2.1-r0
4.2.2-r0
4.2.2-r1
4.2.3-r0
4.2.3-r1
4.2.3-r2
4.2.3-r3
4.2.3-r4
4.2.4-r0
4.2.4-r1
4.3.0-r0
4.3.1-r0
4.3.2-r0
4.3.3-r0

Alpine:v3.20 / nsd

Package

Name
nsd
Purl
pkg:apk/alpine/nsd?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 Unknown introduced version / All previous versions are affected
Fixed
4.3.4-r0

Affected versions

3.*

3.2.7-r0
3.2.7-r1
3.2.8-r0
3.2.9-r0
3.2.10-r0
3.2.12-r0
3.2.13-r0
3.2.14-r0
3.2.15-r0
3.2.16-r0
3.2.16-r1
3.2.16-r2

4.*

4.0.0-r0
4.0.0-r1
4.0.1-r0
4.0.1-r1
4.0.2-r0
4.0.3-r0
4.0.3-r1
4.1.0-r0
4.1.1-r0
4.1.1-r1
4.1.2-r0
4.1.3-r0
4.1.4-r0
4.1.6-r0
4.1.7-r0
4.1.7-r1
4.1.8-r0
4.1.9-r0
4.1.9-r1
4.1.10-r1
4.1.11-r0
4.1.13-r0
4.1.13-r1
4.1.14-r0
4.1.14-r1
4.1.15-r0
4.1.15-r1
4.1.15-r2
4.1.16-r0
4.1.16-r1
4.1.19-r0
4.1.20-r0
4.1.20-r1
4.1.21-r0
4.1.22-r0
4.1.23-r0
4.1.24-r0
4.1.24-r1
4.1.26-r0
4.1.27-r0
4.2.0-r0
4.2.1-r0
4.2.2-r0
4.2.2-r1
4.2.3-r0
4.2.3-r1
4.2.3-r2
4.2.3-r3
4.2.3-r4
4.2.4-r0
4.2.4-r1
4.3.0-r0
4.3.1-r0
4.3.2-r0
4.3.3-r0

Debian:11 / nsd

Package

Name
nsd
Purl
pkg:deb/debian/nsd?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 Unknown introduced version / All previous versions are affected
Fixed
4.3.4-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / nsd

Package

Name
nsd
Purl
pkg:deb/debian/nsd?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 Unknown introduced version / All previous versions are affected
Fixed
4.3.4-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / nsd

Package

Name
nsd
Purl
pkg:deb/debian/nsd?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 Unknown introduced version / All previous versions are affected
Fixed
4.3.4-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:11 / unbound

Package

Name
unbound
Purl
pkg:deb/debian/unbound?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 Unknown introduced version / All previous versions are affected
Fixed
1.13.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / unbound

Package

Name
unbound
Purl
pkg:deb/debian/unbound?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 Unknown introduced version / All previous versions are affected
Fixed
1.13.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / unbound

Package

Name
unbound
Purl
pkg:deb/debian/unbound?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 Unknown introduced version / All previous versions are affected
Fixed
1.13.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/nlnetlabs/nsd

Affected ranges

Type
GIT
Repo
https://github.com/nlnetlabs/nsd
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Type
GIT
Repo
https://github.com/nlnetlabs/unbound
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

Other

ALPHA
ALPHA2
ANSWERS
NAMED8_STATS
NSD_1_0_1_BETA5
NSD_1_0_1_BP
NSD_1_0_2_REL
NSD_1_0_2_merge_into_1_1_0
NSD_1_0_3_REL
NSD_1_0_3_last_merge
NSD_1_0_BP
NSD_1_1_0B2_REL
NSD_1_1_0_BP
NSD_1_1_0_REL
NSD_1_1_1
NSD_1_1_1_BP
NSD_1_2_0_REL
NSD_1_2_1_REL
NSD_1_2_2_REL
NSD_1_2_3_REL
NSD_1_2_4_REL
NSD_1_2_BP
NSD_1_2_end_of_merge
NSD_1_2_last_merge
NSD_1_3_0_ALPHA_1_REL
NSD_1_3_BP
NSD_1_4_0_ALPHA_1_REL
NSD_2_0_0_REL
NSD_2_0_0_WS_REL
NSD_2_0_1_REL
NSD_2_0_2_REL
NSD_2_0_BP
NSD_2_0_end_of_merge
NSD_2_0_last_merge
NSD_2_1_0_REL
NSD_2_1_1_REL
NSD_2_1_2_REL
NSD_2_1_3_REL
NSD_2_1_4_REL
NSD_2_1_5_REL
NSD_2_1_BP
NSD_2_1_end_of_merge
NSD_2_1_last_merge
NSD_2_2_0_REL
NSD_2_2_1_REL
NSD_2_2_BP2
NSD_2_2_end_of_merge
NSD_2_2_last_merge
NSD_2_3_0_REL
NSD_2_3_1_REL
NSD_2_3_3_REL
NSD_3_0_1_REL
NSD_3_0_2_REL
NSD_3_0_4_REL
NSD_3_2_1_REL
NSD_3_2_2_REL
NSD_3_2_4_REL
NSD_3_2_6_REL
NSD_3_2_7_REL
NSD_3_XML_SOCK_DB
NSD_3_signalsocket_solution
NSD_4_0_0_BETA1
NSD_4_0_0_BETA2
NSD_4_0_0_BETA3
NSD_4_0_0_BETA4
NSD_4_0_0_RC2
NSD_4_0_0_RC3
NSD_4_0_0_REL
NSD_4_0_0_imp_1
NSD_4_0_0_imp_2
NSD_4_0_0_imp_3
NSD_4_0_0_imp_4
NSD_4_0_0_imp_6
NSD_4_0_1_RC1
NSD_4_0_1_RC2
NSD_4_0_1_REL
NSD_4_0_2_REL
NSD_4_0_3_REL
NSD_4_1_0_RC1
NSD_4_1_0_REL
NSD_4_1_10_RC1
NSD_4_1_10_RC2
NSD_4_1_10_REL
NSD_4_1_11_RC1
NSD_4_1_11_RC2
NSD_4_1_13_RC1
NSD_4_1_13_REL
NSD_4_1_14_RC1
NSD_4_1_14_REL
NSD_4_1_15_RC1
NSD_4_1_16_RC1
NSD_4_1_16_REL
NSD_4_1_17_RC1
NSD_4_1_18_RC1
NSD_4_1_18_RC2
NSD_4_1_18_REL
NSD_4_1_19RC1
NSD_4_1_19_REL
NSD_4_1_1_RC1
NSD_4_1_1_REL
NSD_4_1_20_RC1
NSD_4_1_21_RC1
NSD_4_1_21_REL
NSD_4_1_22_RC1
NSD_4_1_24_RC1
NSD_4_1_25_RC1
NSD_4_1_25_REL
NSD_4_1_26_RC1
NSD_4_1_27_RC1
NSD_4_1_2_RC1
NSD_4_1_2_RC2
NSD_4_1_2_REL
NSD_4_1_4_RC1
NSD_4_1_5_REL
NSD_4_1_6_RC1
NSD_4_1_6_RC2
NSD_4_1_6_REL
NSD_4_1_7_RC1
NSD_4_1_8_RC1
NSD_4_1_8_REL
NSD_4_2_0_RC1
NSD_4_2_0_REL
NSD_4_2_1_RC1
NSD_4_2_1_REL
NSD_4_2_2_RC1
NSD_4_2_2_RC2
NSD_4_2_2_REL
NSD_4_2_3_RC1
NSD_4_2_3_REL
NSD_4_2_4_RC1
NSD_4_2_4_REL
NSD_4_3_0_RC1
NSD_4_3_0_REL
NSD_4_3_1_RC1
NSD_4_3_1_RC2
NSD_4_3_1_REL
NSD_4_3_2_RC1
NSD_4_3_2_REL
NSD_4_3_3_RC1
NSD_4_3_3_REL
PostScrewUp
before_optimization
final-svn-state
help
new_zf_parser_start