Name Resolution Vulnerability in ADNS by Ian Lynagh
CVE-2017-9109
9.8 CRITICAL
What is CVE-2017-9109?
A name resolution vulnerability exists in ADNS versions prior to 1.5.2, where the parser fails to properly ignore extraneous responses before the first Resource Record (RR). This oversight can lead to confusion when processing interleaved CNAME answers, potentially causing a memory overrun in the answer data structure on the heap. The correct processing approach, which has been implemented in later versions, ensures that the system only considers RRs following the CNAME, thereby mitigating the risk of incorrect data handling.
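The corrected behaviour described above, shown as an added example in C; this is a simplified model, not the ADNS source. The `struct rr` layout, the `select_answers` function, and the sample records are assumptions constructed for illustration, and owner names are assumed to be lower-cased already.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

enum { T_A = 1, T_CNAME = 5 };              /* DNS RR type codes */

/* Simplified, constructed view of one decoded answer RR (names lower-cased). */
struct rr { const char *owner; int type; const char *data; };

/* Collect A-record data for qname into out[0..cap). A CNAME for the name
 * being followed switches to its target and discards anything collected
 * earlier, so only RRs after the CNAME count. Returns the number stored,
 * or -1 when the answers do not fit; it never writes past out[cap-1]. */
int select_answers(const struct rr *rrs, size_t n, const char *qname,
                   const char **out, size_t cap)
{
    const char *want = qname;
    size_t used = 0;
    for (size_t i = 0; i < n; i++) {
        if (strcmp(rrs[i].owner, want) != 0)
            continue;                        /* not the name being followed */
        if (rrs[i].type == T_CNAME) {
            want = rrs[i].data;              /* follow the alias ... */
            used = 0;                        /* ... and drop earlier answers */
        } else if (rrs[i].type == T_A) {
            if (used >= cap)
                return -1;                   /* refuse instead of overrunning */
            out[used++] = rrs[i].data;
        }
    }
    return (int)used;
}

/* Constructed sample: answers for the target interleaved with the CNAME. */
static const struct rr sample[] = {
    { "host.example.",  T_A,     "192.0.2.1" },    /* before the CNAME: ignored */
    { "alias.example.", T_CNAME, "host.example." },
    { "host.example.",  T_A,     "192.0.2.2" },
    { "host.example.",  T_A,     "192.0.2.3" },
};

int main(void)
{
    const char *out[4];
    printf("%d\n", select_answers(sample, 4, "alias.example.", out, 4));
    return 0;
}
```

The explicit capacity check matters as much as the ordering rule: if the selection logic is ever confused by record order, the function fails closed rather than writing past the heap allocation.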