CVE-2021-43523
Published 2021-11-10
Priority P352, critical, 9.6 (CVSS 3.1)
AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
EPSS: 3.26% (86.8th percentile)
In uClibc and uClibc-ng before 1.0.39, incorrect handling of special characters in domain names returned by DNS servers via gethostbyname, getaddrinfo, gethostbyaddr, and getnameinfo can lead to output of wrong hostnames (leading to domain hijacking) or injection into applications (leading to remote code execution, XSS, application crashes, etc.). In other words, a validation step, which is expected in any stub resolver, does not occur.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | uclibc | — | — |
| msrc | cbl2_uclibc-ng_1.0.37-2_on_cbl_mariner_2.0 | — | — |
| msrc | cm1_uclibc-ng_1.0.37-2_on_cbl_mariner_1.0 | — | — |
| uclibc-ng_project | uclibc-ng | < 1.0.39 | 1.0.39 |
| uclibc | uclibc | <= 0.9.33.2 | — |
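CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 9.6 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H |
| nvd | v2.0 | 6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
| osv | — | 9.6 | CRITICAL | — |
| vendor_debian | — | 9.6 | LOW | — |
| vendor_msrc | — | 9.6 | CRITICAL | — |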
GHSA
GHSA-65xv-vmv6-8r3f
ghsa_unreviewed·2022-05-24
CVE-2021-43523 [CRITICAL] CWE-79
OSV
CVE-2021-43523
osv·2021-11-10·CVSS 9.6
CVE-2021-43523 [CRITICAL]
CISA ICS
Hitachi Energy AFF66x
cisa_ics·2023-08-22·CVSS 7.4
[HIGH] Hitachi Energy AFF66x
ICS Advisory
## Hitachi Energy AFF66x
Release Date: August 22, 2023
Alert Code: ICSA-23-234-01
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.6
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Hitachi Energy
- Equipment: AFF66x
- Vulnerabilities: Cross-site Scripting, Use of Insufficiently Random Values, Origin Validation Error, Integer Overflow or Wraparound, Uncontrolled Resource Consumption, NULL Pointer Dereference
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to compromise availability, integrity, and confidentiality of the targeted devices.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
Hitachi Energy reports these vulnerabilities affect the following AFF660/665 products:
- AFF660/665
Microsoft
CVE-2021-43523
vendor_msrc·2021-11-09·CVSS 9.6
CVE-2021-43523 [CRITICAL] CWE-79
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro
Debian
CVE-2021-43523: uclibc
vendor_debian·2021·CVSS 9.6
CVE-2021-43523 [CRITICAL]
Scope: local
bookworm: open
bullseye: open
forky: open
sid: open
trixie: open
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
- https://github.com/wbx-github/uclibc-ng/commit/0f822af0445e5348ce7b7bd8ce1204244f31d174
- https://uclibc-ng.org/
- https://www.openwall.com/lists/oss-security/2021/11/09/1
Published: 2021-11-10