CVE-2020-6073: 
NixOS vulnerability analysis and mitigation

An exploitable denial-of-service vulnerability (CVE-2020-6073) was discovered in the TXT record-parsing functionality of Videolabs libmicrodns 0.1.0. The vulnerability was discovered by Claudio Bozzato of Cisco Talos and publicly disclosed on March 23, 2020. The affected software is libmicrodns, a library used by VLC media player for mDNS services discovery (Talos Report).

The vulnerability occurs when parsing the RDATA section in a TXT record in mDNS messages, where multiple integer overflows can be triggered. The issue stems from unsigned integers *n and len being used in the parsing loop, which only stops when len is exactly equal to 0 or when *n is less than the length read in RDATA. The vulnerability has a CVSS v3.1 Base Score of 7.5 (HIGH) with vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H and is classified as CWE-190: Integer Overflow or Wraparound (Talos Report).

When successfully exploited, this vulnerability leads to a denial of service condition. The integer overflow causes the program to eventually crash with an out-of-bounds read when processing maliciously crafted mDNS messages (Talos Report).

The vulnerability was patched by the vendor on March 20, 2020. Users should upgrade to a version newer than 0.1.0. Some distributions, such as Debian, initially addressed the issue by disabling the microdns plugin in their VLC packages (Debian Advisory, Gentoo Advisory).