UBUNTU-CVE-2020-6071

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2020-6071

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-6071.json

JSON Data

https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2020-6071

Upstream

CVE-2020-6071

Downstream

USN-7239-1

Related

USN-7239-1

Published

2020-03-24T21:15:00Z

Modified

2025-07-16T08:25:35.056001Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Ubuntu - medium

Summary

[none]

Details

An exploitable denial-of-service vulnerability exists in the resource record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing compressed labels in mDNS messages, the compression pointer is followed without checking for recursion, leading to a denial of service. An attacker can send an mDNS message to trigger this vulnerability.

References

Affected packages

Ubuntu:Pro:18.04:LTS / libmicrodns

Package

Name: libmicrodns
Purl: pkg:deb/ubuntu/libmicrodns@0.0.8-1ubuntu0.1~esm1?arch=source&distro=esm-apps/bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.0.8-1ubuntu0.1~esm1

Affected versions

0.*

0.0.7-2

0.0.8-1

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "binary_name": "libmicrodns-dev",
            "binary_version": "0.0.8-1ubuntu0.1~esm1"
        },
        {
            "binary_name": "libmicrodns0",
            "binary_version": "0.0.8-1ubuntu0.1~esm1"
        },
        {
            "binary_name": "libmicrodns0-dbgsym",
            "binary_version": "0.0.8-1ubuntu0.1~esm1"
        }
    ]
}

Ubuntu:Pro:18.04:LTS / vlc

Package

Name: vlc
Purl: pkg:deb/ubuntu/vlc@3.0.8-0ubuntu18.04.1+esm3?arch=source&distro=esm-apps/bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.0.8-0ubuntu18.04.1+esm3

Affected versions

2.*

2.2.6-6

2.2.6-6build1

2.2.7-1

2.2.8-1

2.2.8-1ubuntu4

2.2.8-2

3.*

3.0.0~rc1-1ubuntu1

3.0.0~rc1-1ubuntu3

3.0.0~rc2-1ubuntu1

3.0.0~rc2-2ubuntu1

3.0.0~rc2-2ubuntu2

3.0.0~rc4-1ubuntu1

3.0.0~rc7-2ubuntu1

3.0.0~rc8-1ubuntu1

3.0.0-1ubuntu1

3.0.1-1ubuntu5

3.0.1-2ubuntu1

3.0.1-2ubuntu2

3.0.1-3

3.0.1-3build1

3.0.2-0ubuntu0.1

3.0.3-1-1ubuntu1

3.0.4-1ubuntu0.2

3.0.7.1-0ubuntu18.04.1

3.0.8-0ubuntu18.04.1

3.0.8-0ubuntu18.04.1+esm1

3.0.8-0ubuntu18.04.1+esm2

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "binary_name": "libvlc-bin",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "libvlc-bin-dbgsym",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "libvlc-dev",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "libvlc5",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "libvlc5-dbgsym",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "libvlccore-dev",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "libvlccore9",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "libvlccore9-dbgsym",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "vlc",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "vlc-bin",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "vlc-bin-dbgsym",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "vlc-data",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "vlc-l10n",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "vlc-plugin-access-extra",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "vlc-plugin-access-extra-dbgsym",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "vlc-plugin-base",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "vlc-plugin-base-dbgsym",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "vlc-plugin-fluidsynth",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "vlc-plugin-fluidsynth-dbgsym",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "vlc-plugin-jack",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "vlc-plugin-jack-dbgsym",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "vlc-plugin-notify",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "vlc-plugin-notify-dbgsym",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "vlc-plugin-qt",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "vlc-plugin-qt-dbgsym",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "vlc-plugin-samba",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "vlc-plugin-samba-dbgsym",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "vlc-plugin-skins2",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "vlc-plugin-skins2-dbgsym",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "vlc-plugin-svg",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "vlc-plugin-svg-dbgsym",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "vlc-plugin-video-output",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "vlc-plugin-video-output-dbgsym",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "vlc-plugin-video-splitter",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "vlc-plugin-video-splitter-dbgsym",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "vlc-plugin-visualization",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "vlc-plugin-visualization-dbgsym",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        },
        {
            "binary_name": "vlc-plugin-zvbi",
            "binary_version": "3.0.8-0ubuntu18.04.1+esm3"
        }
    ]
}