Buffer Overflow Issue in adns Affects Multiple Versions
CVE-2017-9108
7.5HIGH
What is CVE-2017-9108?
A flaw was identified in the adns software, prior to version 1.5.2, where the adnshost component inadequately handles a missing newline during standard input reads. Instead of properly managing the read process, the implementation erroneously increments the 'used' variable while also setting 'r', leading to the potential for reading beyond the intended buffer limit. This may result in crashes or unintentional data leakage from the read operation.