CVE-2016-0742

high F5
CVSS v3 Base Score
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
78.8%
Exploitation probability in 30 days
Top 1% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Confidentiality
None
Integrity
None
Availability
High
Published: February 15, 2016 (3740 days ago)
Last Modified: May 6, 2026
Vendor: F5
Source: NVD

Description

The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (invalid pointer dereference and worker process crash) via a crafted UDP DNS response.

CWE

CWE-476

Affected Products

f5 nginxcanonical ubuntu linuxdebian debian linuxopensuse leapapple xcoderedhat software collections

References

🔗 lists.opensuse.org 🔗 mailman.nginx.org 🔗 seclists.org 🔗 www.debian.org 🔗 www.securitytracker.com