CVE-2017-12130

Name of the Vulnerable Software and Affected Versions tinysvcmdns library version 2017-11-05

Description An exploitable NULL pointer dereference issue exists in the tinysvcmdns library. A specially crafted packet can cause the library to dereference a NULL pointer, leading to a server crash and denial of service. This can be triggered by sending a DNS query.

Recommendations For tinysvcmdns library version 2017-11-05, consider restricting access to the DNS query functionality until a patch is available. As a temporary workaround, avoid using the library with untrusted input to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.