CVE-2024-42643

EUVD-2024-39737
Integer Overflow in fast_ping.c in SmartDNS Release46 allows remote attackers to cause a Denial of Service via misaligned memory access.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA-ADPADP
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 55%
Debian logo
Debian Releases
Debian Product
Codename
smartdns
bookworm
40+dfsg-1
fixed
bullseye
33+dfsg-2.1
fixed
forky
46.1+dfsg-1
fixed
sid
46.1+dfsg-1
fixed
trixie
46.1+dfsg-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
smartdns
focal
dne
jammy
not-affected
noble
Fixed 45+dfsg-1ubuntu0.1~esm1
released
oracular
Fixed 46+dfsg-1ubuntu0.1
released
plucky
needed
questing
needed
Common Weakness Enumeration
References
https://github.com/pymumu/smartdns/issues/1779