AVG-421

Package dnsmasq
Status Fixed
Severity Critical
Type multiple issues
Affected 2.77-1
Fixed 2.78-1
Current 2.80-3 [extra]
Ticket None
Created Mon Oct 2 13:45:21 2017
Issue Severity Remote Type Description
CVE-2017-14496 High Yes Denial of service
An integer underflow flaw leading to a buffer over-read was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets to dnsmasq which...
CVE-2017-14495 High Yes Denial of service
A memory exhaustion flaw was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets which would trigger memory allocations which...
CVE-2017-14494 Medium Yes Information disclosure
An information leak was found in dnsmasq in the DHCPv6 relay code. An attacker on the local network could send crafted DHCPv6 packets to dnsmasq causing it...
CVE-2017-14493 Critical Yes Arbitrary code execution
A stack buffer overflow was found in dnsmasq in the DHCPv6 code. An attacker on the local network could send a crafted DHCPv6 request to dnsmasq which would...
CVE-2017-14492 Critical Yes Arbitrary code execution
A heap buffer overflow was discovered in dnsmasq in the IPv6 router advertisement (RA) handling code. An attacker on the local network segment could send...
CVE-2017-14491 Critical Yes Arbitrary code execution
A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DNS packets to dnsmasq which...
Date Advisory Package Description
02 Oct 2017 ASA-201710-1 dnsmasq multiple issues
References
https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
https://github.com/google/security-research-pocs/tree/master/vulnerabilities/dnsmasq