High severity7.5NVD Advisory· Published Oct 19, 2017· Updated Jun 17, 2026
CVE-2017-15650
CVE-2017-15650
Description
musl libc before 1.1.17 has a buffer overflow via crafted DNS replies because dns_parse_callback in network/lookup_name.c does not restrict the number of addresses, and thus an attacker can provide an unexpected number by sending A records in a reply to an AAAA query.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
3- git.musl-libc.org/cgit/musl/commit/nvdVendor Advisory
- git.musl-libc.org/cgit/musl/tree/WHATSNEWnvdVendor Advisory
- openwall.com/lists/oss-security/2017/10/19/5nvdMailing ListMitigationThird Party Advisory
News mentions
0No linked articles in our index yet.