CVE-2024-42643

Integer Overflow in fast_ping.c in SmartDNS Release46 allows remote attackers to cause a Denial of Service via misaligned memory access.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
mitreCNA
---
---
CISA-ADPADP
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 48%
Debian logo
Debian Releases
Debian Product
Codename
smartdns
bullseye
33+dfsg-2.1
fixed
bookworm
40+dfsg-1
fixed
sid
46.1+dfsg-1
fixed
trixie
46.1+dfsg-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
smartdns
plucky
needed
oracular
Fixed 46+dfsg-1ubuntu0.1
released
noble
Fixed 45+dfsg-1ubuntu0.1~esm1
released
jammy
not-affected
focal
dne
Common Weakness Enumeration
References
https://github.com/pymumu/smartdns/issues/1779