Daniel Fahlgren

**Name of the Vulnerable Software and Affected Versions** uClibc-ng versions prior to 1.0.12 **Description** The issue allows remote DNS servers to cause a denial of service, specifically an infinite loop, by exploiting the ` decode dotted` function in `libc/inet/resolv.c`. This can be achieved through vectors involving compressed items in a reply. **Recommendations** For versions prior to 1.0.12, update to version 1.0.12 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** uClibc-ng versions prior to 1.0.12 **Description** The issue allows remote DNS servers to cause a denial of service, resulting in an infinite loop, via a crafted packet. This is due to a problem in the ` read etc hosts r` function in libc/inet/resolv.c. **Recommendations** For versions prior to 1.0.12, update to version 1.0.12 or later to resolve the issue.