CVE-2023-31470

Name of the Vulnerable Software and Affected Versions SmartDNS versions through 41 before 56d0332

Description The issue is caused by a stack-based buffer overflow in the dns encode domain function in the dns.c file, allowing an out-of-bounds write via a crafted DNS request. This can be exploited by sending a specifically crafted DNS request to the affected system.

Recommendations For SmartDNS versions through 41 before 56d0332, update to a version that includes the fix for the buffer overflow in the dns encode domain function. As a temporary workaround, consider restricting access to the dns encode domain function in the dns.c file until a patch is available.