CVE-2017-14492 - log back

CVE-2017-14492 created at 25 Sep 2019 19:31:40
Severity
+ Critical
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ A heap buffer overflow was discovered in dnsmasq in the IPv6 router advertisement (RA) handling code. An attacker on the local network segment could send crafted RAs to dnsmasq which would cause it to crash or, potentially, execute arbitrary code. This issue only affected configurations using one of these options: enable-ra, ra-only, slaac, ra-names, ra-advrouter, or ra-stateless.
References
+ http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=24036ea507862c7b7898b68289c8130f85599c10
Notes