CVE Vulnerabilities

CVE-2017-1000231

Double Free

Published: Nov 17, 2017 | Modified: Feb 04, 2018
CVSS 3.x
9.8
CRITICAL
Source:
NVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified impact and attack vectors.

Weakness

The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

Affected Software

Name Vendor Start Version End Version
Ldns Nlnetlabs 1.7.0 1.7.0

Potential Mitigations

References