CVE-2017-14495 log

Severity High
Remote Yes
Type Denial of service
A memory exhaustion flaw was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets which would trigger memory allocations which would never be freed, leading to unbounded memory consumption and eventually a crash. This issue only affected configurations using one of the options: add-mac, add-cpe-id, or add-subnet.
Group Package Affected Fixed Severity Status Ticket
AVG-421 dnsmasq 2.77-1 2.78-1 Critical Fixed
Date Advisory Group Package Severity Type
02 Oct 2017 ASA-201710-1 AVG-421 dnsmasq Critical multiple issues