CVE-2017-12132
published 2017-08-01CVE-2017-12132: The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name…
medium5.9CVSS 3.0
AVNACHPRNUINSUCNIHAN
The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | glibc | < glibc 2.25-1 (bookworm) | glibc 2.25-1 (bookworm) |
| gnu | glibc | <= 2.25 | — |
| gnu | glibc | >= 0 < 2.25-1 | 2.25-1 |
| gnu | glibc | >= 0 < 2.25-1 | 2.25-1 |
| gnu | glibc | >= 0 < 2.25-1 | 2.25-1 |
| gnu | glibc | >= 0 < 2.25-1 | 2.25-1 |
| gnu | glibc | >= 0 < 2.23-0ubuntu11.3+esm3 | 2.23-0ubuntu11.3+esm3 |
CVSS provenance
nvdv3.05.9MEDIUMCVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
osv5.9MEDIUM