Unrated severityNVD Advisory· Published Oct 3, 2019· Updated Aug 5, 2024
CVE-2019-16866
CVE-2019-16866
Description
Unbound before 1.9.4 accesses uninitialized memory, which allows remote attackers to trigger a crash via a crafted NOTIFY query. The source IP address of the query must match an access-control rule.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Unbound/Unbounddescription
Patches
Vulnerability mechanics
References
7- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E65NCWZZB2D75ZIYWPXKMVGSGNYW4JMC/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MLRHE7TQFAOV4MB2ELTOGESZYUL65NUJ/mitrevendor-advisoryx_refsource_FEDORA
- usn.ubuntu.com/4149-1/mitrevendor-advisoryx_refsource_UBUNTU
- www.debian.org/security/2019/dsa-4544mitrevendor-advisoryx_refsource_DEBIAN
- github.com/NLnetLabs/unbound/blob/release-1.9.4/doc/Changelogmitrex_refsource_MISC
- nlnetlabs.nl/downloads/unbound/CVE-2019-16866.txtmitrex_refsource_MISC
- seclists.org/bugtraq/2019/Oct/23mitremailing-listx_refsource_BUGTRAQ
News mentions
0No linked articles in our index yet.