CVE-2017-9108 vulnerability in OpenSuse and Other Products
Published on June 18, 2020

An issue was discovered in adns before 1.5.2. adnshost mishandles a missing final newline on a stdin read. It is wrong to increment used as well as setting r, since used is incremented according to r, later. Rather one should be doing what read() would have done. Without this fix, adnshost may read and process one byte beyond the buffer, perhaps crashing or perhaps somehow leaking the value of that byte.

Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2017-9108

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2017-9108 are published in these products:

OpenSuse Leap

GNU Adns

Fedora Project Fedora

Exploit Probability

EPSS

0.53%

Percentile

66.70%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2017-9108 vulnerability in OpenSuse and Other ProductsPublished on June 18, 2020

Products Associated with CVE-2017-9108

Exploit Probability

CVE-2017-9108 vulnerability in OpenSuse and Other Products
Published on June 18, 2020