CVE-2024-1931: Infinite Loop in NLnet Labs Unbound

CWE-835: Infinite Loop (6 documents, 6 sources)
Severity: 7.5 HIGH (NVD)
EPSS: 6.8% (top 8.68%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Mar 7, 2024

Description

NLnet Labs Unbound versions 1.18.0 up to and including 1.19.1 contain a vulnerability that can cause a denial of service through a code path that can lead to an infinite loop. Unbound 1.18.0 introduced a feature that removes EDE (Extended DNS Error) records from responses larger than the client's advertised buffer size. Before removing all the EDE records, however, it first tries to see whether trimming the extra text fields on those records would bring the response down to an acceptable size while still retaining the EDE
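As an added illustration of the failure mode the description outlines, the C model below is hypothetical code written for this page, not Unbound's own message-encoding code; the structures `reply` and `ede_opt`, the functions `trim_ede_buggy`, `trim_ede_fixed`, `trim_one_text` and the runner helpers are assumptions, and the sample reply is constructed rather than captured traffic. It shows a size-trimming loop that keeps iterating on "reply too large" but stops making progress once every EXTRA-TEXT field is already empty, beside a hardened loop that exits as soon as an iteration cannot shrink the reply and falls back to removing the EDE options entirely.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical, simplified model of the reply the description talks about:
 * a fixed-size body plus a list of EDE options (RFC 8914). These are not
 * Unbound's own data structures; all names here are assumptions. */
#define OPT_HDR_LEN  4   /* OPTION-CODE + OPTION-LENGTH */
#define EDE_CODE_LEN 2   /* INFO-CODE, the part kept after trimming */
#define MAX_OPTS     8

struct ede_opt { size_t text_len; };          /* EXTRA-TEXT bytes; 0 once trimmed */
struct reply {
	size_t base_len;                          /* reply bytes excluding EDE options */
	struct ede_opt opts[MAX_OPTS];
	size_t n_opts;
};

static size_t reply_len(const struct reply *r) {
	size_t len = r->base_len;
	for (size_t i = 0; i < r->n_opts; i++)
		len += OPT_HDR_LEN + EDE_CODE_LEN + r->opts[i].text_len;
	return len;
}

/* Empty one EXTRA-TEXT field. Returns 1 if a field was trimmed, 0 if none remained. */
static int trim_one_text(struct reply *r) {
	for (size_t i = 0; i < r->n_opts; i++)
		if (r->opts[i].text_len > 0) { r->opts[i].text_len = 0; return 1; }
	return 0;
}

/* Buggy loop of the kind the advisory describes: it iterates while the reply
 * exceeds the client's buffer, but once every EXTRA-TEXT is already empty an
 * iteration shrinks nothing and the condition never changes. The round cap is
 * only there so this demonstration terminates; -1 means the unbounded loop
 * would have spun forever. */
int trim_ede_buggy(struct reply *r, size_t budget, unsigned max_rounds) {
	unsigned rounds = 0;
	while (reply_len(r) > budget) {
		if (rounds++ >= max_rounds) return -1;
		trim_one_text(r);   /* return value ignored: this is the bug */
	}
	return 0;
}

/* Hardened loop: every iteration must make progress. When no text is left to
 * trim and the reply is still too large, drop the EDE options altogether, which
 * is what the feature does for oversized replies anyway. Returns 0 when the
 * reply fits and 1 when it is too large even without any EDE option. */
int trim_ede_fixed(struct reply *r, size_t budget) {
	while (reply_len(r) > budget) {
		if (!trim_one_text(r)) { r->n_opts = 0; break; }
	}
	return reply_len(r) <= budget ? 0 : 1;
}

/* Constructed sample (not captured traffic): a 500-byte reply plus two EDE
 * options carrying 20 and 30 bytes of EXTRA-TEXT, 562 bytes in total. */
static void sample_reply(struct reply *r) {
	memset(r, 0, sizeof(*r));
	r->base_len = 500;
	r->n_opts = 2;
	r->opts[0].text_len = 20;
	r->opts[1].text_len = 30;
}

int run_buggy(size_t budget) { struct reply r; sample_reply(&r); return trim_ede_buggy(&r, budget, 16); }
int run_fixed(size_t budget) { struct reply r; sample_reply(&r); return trim_ede_fixed(&r, budget); }
size_t len_after_fixed(size_t budget) {
	struct reply r; sample_reply(&r); trim_ede_fixed(&r, budget); return reply_len(&r);
}

int main(void) {
	/* budget 512: trimming both texts suffices, both loops exit.
	 * budget 505: the texts are gone but 512 > 505 remains; only the fixed loop exits. */
	printf("budget 512: buggy=%d fixed=%d\n", run_buggy(512), run_fixed(512));
	printf("budget 505: buggy=%d fixed=%d len=%zu\n", run_buggy(505), run_fixed(505), len_after_fixed(505));
	return 0;
}
```

The check a reviewer wants in any shrink-to-fit loop is the one `trim_ede_fixed` adds: the loop body reports whether it changed anything, and a no-op iteration terminates the loop instead of re-evaluating an unchanged size. Also note that a reply whose body alone exceeds the client's buffer still does not fit after the EDE options are gone; that case is signalled rather than retried.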

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 | Impact: 3.6
(network-reachable, low attack complexity, no privileges or user interaction required; availability impact only, no confidentiality or integrity impact)

Affected Packages (3 packages)

Source      Package              Affected range
NVD         nlnetlabs/unbound    >= 1.18.0, < 1.19.2
CVEListV5   nlnet_labs/unbound   >= 1.18.0, < 1.19.2
Debian      nlnetlabs/unbound    < 1.19.2-1+1

Also affects: Fedora 38, 39, 40

🔴 Vulnerability Details (3)

GHSA: GHSA-q63v-rwfp-q5p2: NLnet Labs Unbound version 1 (2024-03-07)
CVEList: Denial of service when trimming EDE text on positive replies (2024-03-07)
OSV: CVE-2024-1931: NLnet Labs Unbound version 1 (2024-03-07)

📋 Vendor Advisories (2)

Red Hat: unbound: Infinite loop due to improper EDE message size check (2024-03-07)
Debian: CVE-2024-1931: unbound - NLnet Labs Unbound version 1.18.0 up to and including version 1.19.1 contain a v... (2024)
Source: cvebase