CVE-2023-31470
- Source
- https://cve.org/CVERecord?id=CVE-2023-31470
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-31470.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-31470
- Related
- Published
- 2023-04-28T21:15:09.307Z
- Modified
- 2025-11-15T06:30:57.419747Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
SmartDNS through 41 before 56d0332 allows an out-of-bounds write because of a stack-based buffer overflow in the dnsencode_domain function in the dns.c file, via a crafted DNS request.
- References
Affected packages
Git / github.com/pymumu/smartdns
Affected ranges
- Type
- GIT
- Repo
- https://github.com/pymumu/smartdns
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
Other
Release18
Release20
Release21
Release22
Release23
Release24
Release25
Release26-Special
Release27
Release28
Release29
Release30
Release31
Release32
Release32-RC1
Release32-RC2
Release32-RC3
Release32-RC4
Release33
Release34
Release35
Release36
Release37
Release37-RC1
Release37-RC2
Release37-RC3
Release38
Release39
Release40
Release41
Release41-RC1
Release41-RC2
Release41-RC3
all-best-ip
Release36.*
Release36.1
Release37.*
Release37.1
Release37.2
Release38.*
Release38.1
Database specific
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-31470.json"
vanir_signatures
[
{
"source": "https://github.com/pymumu/smartdns/commit/56d0332bf91104cfc877635f6c82e9348587df04",
"digest": {
"function_hash": "169912796625121099106009019379367753006",
"length": 735.0
},
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "_dns_encode_domain",
"file": "src/dns.c"
},
"id": "CVE-2023-31470-30af6f0e"
},
{
"source": "https://github.com/pymumu/smartdns/commit/56d0332bf91104cfc877635f6c82e9348587df04",
"digest": {
"function_hash": "230385637131233285377617773882511915440",
"length": 422.0
},
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "dns_add_rr_nested_end",
"file": "src/dns.c"
},
"id": "CVE-2023-31470-32bdaaad"
},
{
"source": "https://github.com/pymumu/smartdns/commit/56d0332bf91104cfc877635f6c82e9348587df04",
"digest": {
"function_hash": "32096184302517270657292637520222458689",
"length": 638.0
},
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "dns_get_HTTPS_svcparm_start",
"file": "src/dns.c"
},
"id": "CVE-2023-31470-3ef8dc6c"
},
{
"source": "https://github.com/pymumu/smartdns/commit/56d0332bf91104cfc877635f6c82e9348587df04",
"digest": {
"function_hash": "74330430681167380186309979217637541767",
"length": 529.0
},
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "dns_add_HTTPS_start",
"file": "src/dns.c"
},
"id": "CVE-2023-31470-4708478f"
},
{
"source": "https://github.com/pymumu/smartdns/commit/56d0332bf91104cfc877635f6c82e9348587df04",
"digest": {
"line_hashes": [
"241382170371060283197583662737348373921",
"268394413119769959651969316341731283341",
"309590257532024282039633984238791878026",
"280405627721706796216816445772441069500",
"252541648313301507617401436555684979247",
"54717255861077282450922740716153881019",
"45567382952575710476382746254630472778",
"294339842528982194421118699944437859957",
"306313475636853026047985297106242121089",
"244276304013555880355386645525839941156",
"300962561133503824646429150118463052158"
],
"threshold": 0.9
},
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "src/util.c"
},
"id": "CVE-2023-31470-49c8b413"
},
{
"source": "https://github.com/pymumu/smartdns/commit/56d0332bf91104cfc877635f6c82e9348587df04",
"digest": {
"line_hashes": [
"242436621917432689634126263678710259071",
"171997737769840085234946205156580448419",
"273883572508791090062942736680819502601",
"15684461347770907045653342493078886155",
"337831570853474113689584546485078743680",
"149099078884125531376868683738837243019",
"118218576298448768285027509491127044866",
"117574967973713412826340250479487077725",
"294307222102852762579063593928976431148",
"15231982700930121309739415791389125115",
"192618051883365668007899048782963695786",
"332349050204823870823446101647984030146",
"7434353030398014082408036716668599223",
"209473610003125851203517998407966832185",
"282274310934208356747384066728206997451",
"293917817353941682130410713843978644729",
"72511154505166645562637247508203601940",
"1249815323647990241932436725969709811",
"315597855468372793427326351776427679541",
"185447228769326067893105405059107550430",
"214770328058757461606798784671617728517",
"54113753011228220109993187857541951483",
"98231460787787160510159576475229163249",
"6941502951922231182010838164522186446",
"158158986231759668643960743643914160061",
"329725410821383967190997881096706791214",
"8883790196571882293248487332145701390",
"99405647811762234497343018120353539034",
"107436536018053776512446665544552182330",
"157304411885943439682082656583763540474",
"227057906616735848470529407416018375659",
"335148344838058010607359020527615561488",
"33775502251128779849449512578934633017",
"216142181337568567379475395082918168883",
"184512915804415280252584200842259530081",
"282492178383963727052300689313960165496",
"170141455759007555750780959237977494987",
"226684063342980192969372068326222316771",
"253399481465956515509827067690431983091",
"255609798571410525453301283684695621890",
"92144644094459739158713559742146870520",
"151443797382330957493117464426992709813",
"290251713395817325486614222133508376377",
"269833099071242175776843757976670117705",
"14354461176105564041851769093091643217",
"137634766307045756726367262319113837024",
"55294380615226157968122403724529949509",
"2518924837095110377206593488354693213",
"113520629202918154036452288667049515847",
"167674556921708638859154034141908225989",
"58792682466335628525056613426049159261",
"69718951193405978445522695134002387300",
"150253224547257113241004346327503610259",
"119672745255136024911093294384405064157",
"249534049721945734131640243530763872904",
"206013203817353240806772714138520468235",
"295217366866798813978120539284831447237",
"156709637954916424189594674055750432878",
"331472309295222649175965894251724635694",
"133318202385527811802544557006804748342",
"43668674395182328274175117810719793484",
"324112346056683059256473279357957356265",
"205184063631139715535048389739069943420",
"234389030951701291058556837983042990269",
"321630748339169804715526887749191641350",
"227768696961366997017170306240119849327",
"234738702191021095867188473638268547516",
"276948468486083991224908792656544222395",
"216283891559911506248485707528373146281",
"273589668745429817700849163570630059312",
"50521080654286145340369265576512643124",
"282260957339371591233377827989476983710"
],
"threshold": 0.9
},
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "src/dns.c"
},
"id": "CVE-2023-31470-a7387fed"
},
{
"source": "https://github.com/pymumu/smartdns/commit/56d0332bf91104cfc877635f6c82e9348587df04",
"digest": {
"function_hash": "47402501447271308738697483432145837495",
"length": 3616.0
},
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "_dns_debug_display",
"file": "src/util.c"
},
"id": "CVE-2023-31470-c02f6f8a"
},
{
"source": "https://github.com/pymumu/smartdns/commit/56d0332bf91104cfc877635f6c82e9348587df04",
"digest": {
"function_hash": "73860905397934245887131865301290350758",
"length": 1482.0
},
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "_dns_encode_HTTPS",
"file": "src/dns.c"
},
"id": "CVE-2023-31470-d998aa05"
},
{
"source": "https://github.com/pymumu/smartdns/commit/56d0332bf91104cfc877635f6c82e9348587df04",
"digest": {
"function_hash": "24456801407452923010312671941676136177",
"length": 298.0
},
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "dns_add_rr_nested_memcpy",
"file": "src/dns.c"
},
"id": "CVE-2023-31470-e8fc325e"
},
{
"source": "https://github.com/pymumu/smartdns/commit/56d0332bf91104cfc877635f6c82e9348587df04",
"digest": {
"line_hashes": [
"271650015501604082981201918449662942840",
"77410190747481867046140665066740852349",
"224278159918926703332621707099272900790",
"32796693444213255373506832463648253670",
"135493299135695247351772366731603920841",
"58668368475773534802509196783275382556",
"282205146488963757813324235524523717009",
"252911935510293184220654857646372740507",
"243194980721953938189801404652405166342",
"30318820646937552653892063120310513542",
"34613184192252068540003950345180216395",
"312671530356303716819383196225243611451",
"55593267716804864379718970905006353680",
"93483028081201387081592708370955088327",
"267340466230713140335547516857558592575",
"222744525255572261300598791868362332818",
"265526031799172328413677955837421586997",
"3279029900774652742043446343024028796",
"92912805564498730712234434802194974112",
"138532487846352349617211720361210024040",
"140074488584029464757469184618489054393",
"268925846236506645757884867248030153235"
],
"threshold": 0.9
},
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "src/dns.h"
},
"id": "CVE-2023-31470-f5777916"
}
]