Actions
Security #7464
closeddoh2: buffer is not really limited to 65K as should be for DNS
Affected Versions:
Label:
CVE:
Git IDs:
Severity:
MODERATE
Disclosure Date:
03/17/2025
Description
Found by oss-fuzz:
https://issues.oss-fuzz.com/u/1/issues/383880388
No need to backport as DOH2 is only in master
Updated by Philippe Antoine 8 months ago
Updated by Philippe Antoine 8 months ago
Please do.
What was ambiguous ?
For information, there was a check for this 65K limit, but an incomplete one
Updated by Philippe Antoine 8 months ago
Jason Ish wrote in #note-5:
"not really limited".. Could be... Should be limited to 65k. Or should not be limited to 65k for whatever reason. So I'm not clear if the fix is enforce a 65k limit? Or something else.
The fix is indeed to really enforce the limit to 65K because the current enforcing does not work in all cases
Updated by Philippe Antoine 8 months ago
- Status changed from In Review to Closed
Actions