CVE-2019-25032: Integer Overflow
First published: Tue Apr 27 2021(Updated: )
** DISPUTED ** Unbound before 1.9.5 allows an integer overflow in the regional allocator via regional_alloc. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Unbound | <1.9.5 | |
| Debian | =9.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2019-25032.
What is the severity rating of CVE-2019-25032?
CVE-2019-25032 has a severity rating of critical.
Which software versions are affected by CVE-2019-25032?
CVE-2019-25032 affects Unbound versions before 1.9.5 and Debian Linux version 9.0.
What is the nature of the vulnerability in CVE-2019-25032?
CVE-2019-25032 is an integer overflow vulnerability in the regional allocator of Unbound.
Is this vulnerability disputed by the vendor?
Yes, the vendor disputes that this is a vulnerability.
- agent/type
- agent/references
- agent/severity
- agent/status
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/first-publish-date
- agent/event
- agent/last-modified-date
- agent/source
- agent/weakness
- agent/author
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/nlnetlabs
- canonical/unbound
- vendor/debian
- canonical/debian
- version/debian/9.0
- status/disputed