CVE-2020-24383

First published: Fri Dec 11 2020(Updated: )

An issue was discovered in FNET through 4.6.4. The code for processing resource records in mDNS queries doesn't check for proper '\0' termination of the resource record name string, leading to an out-of-bounds read, and potentially causing information leak or Denial-or-Service.

Credit: cve@mitre.org cve@mitre.org

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/nvd-api
• collector/nvd-index
• agent/author
• agent/first-publish-date
• agent/last-modified-date
• agent/type
• collector/ics-cert-advisory
• source/ICS
• agent/software-canonical-lookup
• agent/severity
• agent/weakness
• agent/references
• agent/softwarecombine
• agent/tags
• agent/event
• agent/description
• collector/mitre-cve
• source/MITRE
• vendor/butok
• canonical/butok fnet
• version/butok fnet/4.6.4
• vendor/multiple (open source)
• canonical/multiple (open source) picotcp-ng, version 1.7.0 and prior
• canonical/multiple (open source) picotcp (eol), version 1.7.0 and prior
• canonical/multiple (open source) fnet, version 4.6.3
• canonical/multiple (open source) nut/net, version 5.1 and prior