---

CVE-2017-14496 - log back

CVE-2017-14496 created at 25 Sep 2019 19:31:40
Severity	+ High
Remote	+ Remote
Type	+ Denial of service
Description	+ An integer underflow flaw leading to a buffer over-read was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash. This issue only affected configurations using one of the options: add-mac, add-cpe-id, or add-subnet.
References	+ http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=897c113fda0886a28a986cc6ba17bb93bd6cb1c7
Notes