{"id":"CVE-2019-25037","details":"Unbound before 1.9.5 allows an assertion failure and denial of service in dname_pkt_copy via an invalid packet. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited","modified":"2026-03-14T14:39:33.465313Z","published":"2021-04-27T06:15:07.617Z","related":["SUSE-SU-2022:0176-1","SUSE-SU-2022:0176-2","SUSE-SU-2022:0301-1","openSUSE-SU-2022:0176-1"],"references":[{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20210507-0007/"},{"type":"FIX","url":"https://ostif.org/our-audit-of-unbound-dns-by-x41-d-sec-full-results/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/nlnetlabs/unbound","events":[{"introduced":"0"},{"fixed":"34e52a4313d59b9d57e928c44300fd81e1a48910"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.9.5"}]}}],"database_specific":{"vanir_signatures":[{"deprecated":false,"signature_type":"Function","digest":{"length":2050,"function_hash":"303465733232096823978517449070123341908"},"source":"https://github.com/nlnetlabs/unbound/commit/34e52a4313d59b9d57e928c44300fd81e1a48910","signature_version":"v1","target":{"file":"ipsecmod/ipsecmod.c","function":"call_hook"},"id":"CVE-2019-25037-22a971d4"},{"deprecated":false,"signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["70553163538034000960962883838447906720","62147787479526802497929393542831647967","43794976847243337970009644075751210128","206854229777134557726766374652661591754","22497931369453821656061072947680439892","242433969134937716326432553874698764934","152938100667906096131479708143832401450","46101062252850330511575173918983145724","157362141640837772740229871849226310613","264538954822069397443472615122773019789","143496833277953931355852379224938644257","203480266179038306884326564596176499939","73665829503106289032328800348605369082","52655954125939492573192009812488428936","230510070027535029623236987883043298098","55963106386066207446778033336776991557","212464111113386431760714608928832136845","324317679674959875372319663952451420433","145501367096330326271927998536912673132","7712312671338711946672425055757003510","194469914231690406518933733543167455343","337078465626256361135521580377815858255","69551360486834579820395484095932616453","220932950267901280906770376209241638547","151806495451079858604557862390711251772","323984524004576252695495354068249264428","159125170216428001982894041239002846868","313604412320883742384448830965984522380","23897712633339973223394152662924014280","38388900261996797264813407465142516282","317076279302621377901973555687290557121","226533621284668773151351540579066444426","125136969720913860571958183594799194979","29149951929535913424346922945050149000","276850585468923192981327481397947013256","106906077810546410056895284908258869603","321648861069286777914698546075854336991","329099943122094127043805942847111155503","268976628581068154189092415548339107624","216521024988449076787229928756721242292","272369404287204970864515064130729912166","173702320536478764984116801009380616093","217779352477091361310529382652262637628","206316453957424109683099858931641700972","160248007866213256693231605169867630647","116009048536553657149447497080385657406","323984524004576252695495354068249264428","315173114953696267668618285516325708852","83901963534077062432336834987362808731","271513679856295084688565457535021362732","296253931515678179339484311338481206675","297974649863533103736763988090693906104","118871358511266717950982875254055733303","162379569995058781279607653043713940509","152854346008092563513635124784708029520","131926960543874682953641937570941013521","96634251516368624315815557265261067079","262734782257050881731445987591207587340","60721623658936596335710612399404057500","126095431476034665070989077541763716606","167700405682410954493352853114581197547"]},"source":"https://github.com/nlnetlabs/unbound/commit/34e52a4313d59b9d57e928c44300fd81e1a48910","signature_version":"v1","target":{"file":"ipsecmod/ipsecmod.c"},"id":"CVE-2019-25037-ed5fda81"}],"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"9.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-25037.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}