CVE-2020-25767

Name of the Vulnerable Software and Affected Versions HCC Embedded NicheStack IPv4 version 4.1

Description An issue was discovered in the dnc copy in routine for parsing DNS domain names, which does not check whether a domain name compression pointer is pointing within the bounds of the packet. This leads to an Out-of-bounds Read and a Denial-of-Service as a consequence. The vulnerability is related to the DNS client in TCP/IP stacks and can be exploited by a remote attacker to cause a denial of service.

Recommendations For HCC Embedded NicheStack IPv4 version 4.1, consider implementing bounds checking for domain name compression pointers in the dnc copy in routine to prevent Out-of-bounds Read and Denial-of-Service attacks. As a temporary workaround, consider restricting the use of the dnc copy in routine until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.