CVE-2011-3581 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2011-3581 Interim 1 21 2025-11-05T05:44:59Z current 2021-05-30T12:59:52Z 2025-11-05T05:44:59Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2011-3581 Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns before 1.6.11 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Resource Record (RR) with an unknown type containing input that is longer than a specified length. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZPCOAHAYSDV2IXPWNUAEY4SP6A65JSSY/#ZPCOAHAYSDV2IXPWNUAEY4SP6A65JSSY E-Mail link for openSUSE-SU-2011:1161-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SN4GMTECRTWUFX2HOGC6WVJORD4NBWNB/#SN4GMTECRTWUFX2HOGC6WVJORD4NBWNB E-Mail link for openSUSE-SU-2011:1169-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Development Tools 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Development Tools 15 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Development Tools 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Development Tools 15 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Development Tools 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Development Tools 15 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Development Tools 15 SP1 SUSE Linux Enterprise Server 16.0 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Development Tools 15 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Development Tools 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Development Tools 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Development Tools 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Development Tools 15 SP1 openSUSE Tumbleweed ldns-1.6.17-5.7 ldns-1.8.4-160000.2.3 ldns-devel-1.6.17-5.7 ldns-devel-1.7.0-2.22 ldns-devel-1.8.4-160000.2.3 libldns1-1.6.17-5.7 libldns2-1.7.0-2.22 libldns3-1.8.4-160000.2.3 perl-DNS-LDNS-1.6.17-5.7 perl-DNS-LDNS-1.7.0-2.22 perl-DNS-LDNS-1.8.4-160000.2.3 python-ldns-1.6.17-5.7 python3-ldns-1.8.4-160000.2.3 ldns-devel-1.7.0-2.22 as a component of SUSE Linux Enterprise Module for Basesystem 15 libldns2-1.7.0-2.22 as a component of SUSE Linux Enterprise Module for Basesystem 15 ldns-devel-1.7.0-2.22 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP1 libldns2-1.7.0-2.22 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP1 perl-DNS-LDNS-1.7.0-2.22 as a component of SUSE Linux Enterprise Module for Development Tools 15 perl-DNS-LDNS-1.7.0-2.22 as a component of SUSE Linux Enterprise Module for Development Tools 15 SP1 ldns-1.8.4-160000.2.3 as a component of SUSE Linux Enterprise Server 16.0 ldns-devel-1.8.4-160000.2.3 as a component of SUSE Linux Enterprise Server 16.0 libldns3-1.8.4-160000.2.3 as a component of SUSE Linux Enterprise Server 16.0 perl-DNS-LDNS-1.8.4-160000.2.3 as a component of SUSE Linux Enterprise Server 16.0 python3-ldns-1.8.4-160000.2.3 as a component of SUSE Linux Enterprise Server 16.0 ldns-1.6.17-5.7 as a component of openSUSE Tumbleweed ldns-devel-1.6.17-5.7 as a component of openSUSE Tumbleweed libldns1-1.6.17-5.7 as a component of openSUSE Tumbleweed perl-DNS-LDNS-1.6.17-5.7 as a component of openSUSE Tumbleweed python-ldns-1.6.17-5.7 as a component of openSUSE Tumbleweed Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns before 1.6.11 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Resource Record (RR) with an unknown type containing input that is longer than a specified length. CVE-2011-3581 SUSE Linux Enterprise Module for Basesystem 15:ldns-devel-1.7.0-2.22 SUSE Linux Enterprise Module for Basesystem 15:libldns2-1.7.0-2.22 SUSE Linux Enterprise Module for Basesystem 15 SP1:ldns-devel-1.7.0-2.22 SUSE Linux Enterprise Module for Basesystem 15 SP1:libldns2-1.7.0-2.22 SUSE Linux Enterprise Module for Development Tools 15:perl-DNS-LDNS-1.7.0-2.22 SUSE Linux Enterprise Module for Development Tools 15 SP1:perl-DNS-LDNS-1.7.0-2.22 SUSE Linux Enterprise Server 16.0:ldns-1.8.4-160000.2.3 SUSE Linux Enterprise Server 16.0:ldns-devel-1.8.4-160000.2.3 SUSE Linux Enterprise Server 16.0:libldns3-1.8.4-160000.2.3 SUSE Linux Enterprise Server 16.0:perl-DNS-LDNS-1.8.4-160000.2.3 SUSE Linux Enterprise Server 16.0:python3-ldns-1.8.4-160000.2.3 openSUSE Tumbleweed:ldns-1.6.17-5.7 openSUSE Tumbleweed:ldns-devel-1.6.17-5.7 openSUSE Tumbleweed:libldns1-1.6.17-5.7 openSUSE Tumbleweed:perl-DNS-LDNS-1.6.17-5.7 openSUSE Tumbleweed:python-ldns-1.6.17-5.7 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P