CVE-2017-14491

Source
Severity Critical
Remote Yes
Type Arbitrary code execution
Description
A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash or, potentially, execute arbitrary code.
Group Package Affected Fixed Severity Status Ticket
AVG-421 dnsmasq 2.77-1 2.78-1 Critical Fixed
Date Advisory Group Package Severity Description
02 Oct 2017 ASA-201710-1 AVG-421 dnsmasq Critical multiple issues
References
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=0549c73b7ea6b22a3c49beb4d432f185a81efcbc
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=62cb936cb7ad5f219715515ae7d32dd281a5aa1f