csaf_suse - suse-su-2017:2616-1

Vulnerability from csaf_suse

Published

2017-10-02 13:53

Modified

2017-10-02 13:53

Summary

Security update for dnsmasq

Notes

Title of the patch

Security update for dnsmasq

Description of the patch

This update for dnsmasq fixes the following issues. Remedy the following security issues: - CVE-2017-14491: 2 byte heap based overflow. [bsc#1060354] - CVE-2017-14492: heap based overflow. [bsc#1060355] - CVE-2017-14493: stack based overflow. [bsc#1060360] - CVE-2017-14494: DHCP - info leak. [bsc#1060361] - CVE-2017-14495: DNS - OOM DoS. [bsc#1060362] - CVE-2017-14496: DNS - DoS Integer underflow. [bsc#1060364] - Prevent a man-in-the-middle attack (bsc#972164, fate#321175). Furthermore, the following issues have been fixed: - Fix DHCP relaying, broken in 2.76 and 2.77. - Update to version 2.78 (fate#321175, fate#322030, bsc#1035227). - Fix PXE booting for UEFI architectures (fate#322030). - Drop PrivateDevices=yes which breaks logging (bsc#902511, bsc#904537) - Build with support for DNSSEC (fate#318323, bsc#908137). Please note that this update brings a (small) potential incompatibility in the handling of 'basename' in --pxe-service. Please read the CHANGELOG and the documentation if you are using this option.

Patchnames

SUSE-SLE-SERVER-12-2017-1616

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         namespace: "https://www.suse.com/support/security/rating/",
         text: "important",
      },
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Copyright 2024 SUSE LLC. All rights reserved.",
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "en",
      notes: [
         {
            category: "summary",
            text: "Security update for dnsmasq",
            title: "Title of the patch",
         },
         {
            category: "description",
            text: "This update for dnsmasq fixes the following issues.\n\nRemedy the following security issues:\n\n- CVE-2017-14491: 2 byte heap based overflow. [bsc#1060354]\n- CVE-2017-14492: heap based overflow. [bsc#1060355]\n- CVE-2017-14493: stack based overflow. [bsc#1060360]\n- CVE-2017-14494: DHCP - info leak. [bsc#1060361]\n- CVE-2017-14495: DNS - OOM DoS. [bsc#1060362]\n- CVE-2017-14496: DNS - DoS Integer underflow. [bsc#1060364]\n- Prevent a man-in-the-middle attack (bsc#972164, fate#321175).\n\nFurthermore, the following issues have been fixed:\n\n- Fix DHCP relaying, broken in 2.76 and 2.77.\n- Update to version 2.78 (fate#321175, fate#322030, bsc#1035227).\n- Fix PXE booting for UEFI architectures (fate#322030).\n- Drop PrivateDevices=yes which breaks logging (bsc#902511, bsc#904537)\n- Build with support for DNSSEC (fate#318323, bsc#908137).\n\nPlease note that this update brings a (small) potential incompatibility in the\nhandling of 'basename' in --pxe-service. Please read the CHANGELOG and the\ndocumentation if you are using this option.\n\n",
            title: "Description of the patch",
         },
         {
            category: "details",
            text: "SUSE-SLE-SERVER-12-2017-1616",
            title: "Patchnames",
         },
         {
            category: "legal_disclaimer",
            text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
            title: "Terms of use",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "https://www.suse.com/support/security/contact/",
         name: "SUSE Product Security Team",
         namespace: "https://www.suse.com/",
      },
      references: [
         {
            category: "external",
            summary: "SUSE ratings",
            url: "https://www.suse.com/support/security/rating/",
         },
         {
            category: "self",
            summary: "URL of this CSAF notice",
            url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_2616-1.json",
         },
         {
            category: "self",
            summary: "URL for SUSE-SU-2017:2616-1",
            url: "https://www.suse.com/support/update/announcement/2017/suse-su-20172616-1/",
         },
         {
            category: "self",
            summary: "E-Mail link for SUSE-SU-2017:2616-1",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2017-October/003268.html",
         },
         {
            category: "self",
            summary: "SUSE Bug 1035227",
            url: "https://bugzilla.suse.com/1035227",
         },
         {
            category: "self",
            summary: "SUSE Bug 1060354",
            url: "https://bugzilla.suse.com/1060354",
         },
         {
            category: "self",
            summary: "SUSE Bug 1060355",
            url: "https://bugzilla.suse.com/1060355",
         },
         {
            category: "self",
            summary: "SUSE Bug 1060360",
            url: "https://bugzilla.suse.com/1060360",
         },
         {
            category: "self",
            summary: "SUSE Bug 1060361",
            url: "https://bugzilla.suse.com/1060361",
         },
         {
            category: "self",
            summary: "SUSE Bug 1060362",
            url: "https://bugzilla.suse.com/1060362",
         },
         {
            category: "self",
            summary: "SUSE Bug 1060364",
            url: "https://bugzilla.suse.com/1060364",
         },
         {
            category: "self",
            summary: "SUSE Bug 902511",
            url: "https://bugzilla.suse.com/902511",
         },
         {
            category: "self",
            summary: "SUSE Bug 904537",
            url: "https://bugzilla.suse.com/904537",
         },
         {
            category: "self",
            summary: "SUSE Bug 908137",
            url: "https://bugzilla.suse.com/908137",
         },
         {
            category: "self",
            summary: "SUSE Bug 972164",
            url: "https://bugzilla.suse.com/972164",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2015-3294 page",
            url: "https://www.suse.com/security/cve/CVE-2015-3294/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2015-8899 page",
            url: "https://www.suse.com/security/cve/CVE-2015-8899/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-14491 page",
            url: "https://www.suse.com/security/cve/CVE-2017-14491/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-14492 page",
            url: "https://www.suse.com/security/cve/CVE-2017-14492/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-14493 page",
            url: "https://www.suse.com/security/cve/CVE-2017-14493/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-14494 page",
            url: "https://www.suse.com/security/cve/CVE-2017-14494/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-14495 page",
            url: "https://www.suse.com/security/cve/CVE-2017-14495/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-14496 page",
            url: "https://www.suse.com/security/cve/CVE-2017-14496/",
         },
      ],
      title: "Security update for dnsmasq",
      tracking: {
         current_release_date: "2017-10-02T13:53:30Z",
         generator: {
            date: "2017-10-02T13:53:30Z",
            engine: {
               name: "cve-database.git:bin/generate-csaf.pl",
               version: "1",
            },
         },
         id: "SUSE-SU-2017:2616-1",
         initial_release_date: "2017-10-02T13:53:30Z",
         revision_history: [
            {
               date: "2017-10-02T13:53:30Z",
               number: "1",
               summary: "Current version",
            },
         ],
         status: "final",
         version: "1",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "dnsmasq-2.78-6.6.1.ppc64le",
                        product: {
                           name: "dnsmasq-2.78-6.6.1.ppc64le",
                           product_id: "dnsmasq-2.78-6.6.1.ppc64le",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "ppc64le",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "dnsmasq-2.78-6.6.1.s390x",
                        product: {
                           name: "dnsmasq-2.78-6.6.1.s390x",
                           product_id: "dnsmasq-2.78-6.6.1.s390x",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "s390x",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "dnsmasq-2.78-6.6.1.x86_64",
                        product: {
                           name: "dnsmasq-2.78-6.6.1.x86_64",
                           product_id: "dnsmasq-2.78-6.6.1.x86_64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "x86_64",
               },
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Server 12-LTSS",
                        product: {
                           name: "SUSE Linux Enterprise Server 12-LTSS",
                           product_id: "SUSE Linux Enterprise Server 12-LTSS",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sles-ltss:12",
                           },
                        },
                     },
                  ],
                  category: "product_family",
                  name: "SUSE Linux Enterprise",
               },
            ],
            category: "vendor",
            name: "SUSE",
         },
      ],
      relationships: [
         {
            category: "default_component_of",
            full_product_name: {
               name: "dnsmasq-2.78-6.6.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
               product_id: "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
            },
            product_reference: "dnsmasq-2.78-6.6.1.ppc64le",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "dnsmasq-2.78-6.6.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
               product_id: "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
            },
            product_reference: "dnsmasq-2.78-6.6.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "dnsmasq-2.78-6.6.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
               product_id: "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64",
            },
            product_reference: "dnsmasq-2.78-6.6.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2015-3294",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2015-3294",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
               "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
               "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2015-3294",
               url: "https://www.suse.com/security/cve/CVE-2015-3294",
            },
            {
               category: "external",
               summary: "SUSE Bug 923144 for CVE-2015-3294",
               url: "https://bugzilla.suse.com/923144",
            },
            {
               category: "external",
               summary: "SUSE Bug 928867 for CVE-2015-3294",
               url: "https://bugzilla.suse.com/928867",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-02T13:53:30Z",
               details: "moderate",
            },
         ],
         title: "CVE-2015-3294",
      },
      {
         cve: "CVE-2015-8899",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2015-8899",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
               "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
               "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2015-8899",
               url: "https://www.suse.com/security/cve/CVE-2015-8899",
            },
            {
               category: "external",
               summary: "SUSE Bug 983273 for CVE-2015-8899",
               url: "https://bugzilla.suse.com/983273",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-02T13:53:30Z",
               details: "moderate",
            },
         ],
         title: "CVE-2015-8899",
      },
      {
         cve: "CVE-2017-14491",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-14491",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
               "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
               "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-14491",
               url: "https://www.suse.com/security/cve/CVE-2017-14491",
            },
            {
               category: "external",
               summary: "SUSE Bug 1060354 for CVE-2017-14491",
               url: "https://bugzilla.suse.com/1060354",
            },
            {
               category: "external",
               summary: "SUSE Bug 1060360 for CVE-2017-14491",
               url: "https://bugzilla.suse.com/1060360",
            },
            {
               category: "external",
               summary: "SUSE Bug 1060361 for CVE-2017-14491",
               url: "https://bugzilla.suse.com/1060361",
            },
            {
               category: "external",
               summary: "SUSE Bug 1060362 for CVE-2017-14491",
               url: "https://bugzilla.suse.com/1060362",
            },
            {
               category: "external",
               summary: "SUSE Bug 1060364 for CVE-2017-14491",
               url: "https://bugzilla.suse.com/1060364",
            },
            {
               category: "external",
               summary: "SUSE Bug 1063832 for CVE-2017-14491",
               url: "https://bugzilla.suse.com/1063832",
            },
            {
               category: "external",
               summary: "SUSE Bug 1143944 for CVE-2017-14491",
               url: "https://bugzilla.suse.com/1143944",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-02T13:53:30Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-14491",
      },
      {
         cve: "CVE-2017-14492",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-14492",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
               "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
               "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-14492",
               url: "https://www.suse.com/security/cve/CVE-2017-14492",
            },
            {
               category: "external",
               summary: "SUSE Bug 1060355 for CVE-2017-14492",
               url: "https://bugzilla.suse.com/1060355",
            },
            {
               category: "external",
               summary: "SUSE Bug 1060360 for CVE-2017-14492",
               url: "https://bugzilla.suse.com/1060360",
            },
            {
               category: "external",
               summary: "SUSE Bug 1060361 for CVE-2017-14492",
               url: "https://bugzilla.suse.com/1060361",
            },
            {
               category: "external",
               summary: "SUSE Bug 1060362 for CVE-2017-14492",
               url: "https://bugzilla.suse.com/1060362",
            },
            {
               category: "external",
               summary: "SUSE Bug 1060364 for CVE-2017-14492",
               url: "https://bugzilla.suse.com/1060364",
            },
            {
               category: "external",
               summary: "SUSE Bug 1063832 for CVE-2017-14492",
               url: "https://bugzilla.suse.com/1063832",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-02T13:53:30Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-14492",
      },
      {
         cve: "CVE-2017-14493",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-14493",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
               "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
               "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-14493",
               url: "https://www.suse.com/security/cve/CVE-2017-14493",
            },
            {
               category: "external",
               summary: "SUSE Bug 1060360 for CVE-2017-14493",
               url: "https://bugzilla.suse.com/1060360",
            },
            {
               category: "external",
               summary: "SUSE Bug 1060361 for CVE-2017-14493",
               url: "https://bugzilla.suse.com/1060361",
            },
            {
               category: "external",
               summary: "SUSE Bug 1060362 for CVE-2017-14493",
               url: "https://bugzilla.suse.com/1060362",
            },
            {
               category: "external",
               summary: "SUSE Bug 1060364 for CVE-2017-14493",
               url: "https://bugzilla.suse.com/1060364",
            },
            {
               category: "external",
               summary: "SUSE Bug 1063832 for CVE-2017-14493",
               url: "https://bugzilla.suse.com/1063832",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-02T13:53:30Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-14493",
      },
      {
         cve: "CVE-2017-14494",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-14494",
            },
         ],
         notes: [
            {
               category: "general",
               text: "dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
               "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
               "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-14494",
               url: "https://www.suse.com/security/cve/CVE-2017-14494",
            },
            {
               category: "external",
               summary: "SUSE Bug 1060360 for CVE-2017-14494",
               url: "https://bugzilla.suse.com/1060360",
            },
            {
               category: "external",
               summary: "SUSE Bug 1060361 for CVE-2017-14494",
               url: "https://bugzilla.suse.com/1060361",
            },
            {
               category: "external",
               summary: "SUSE Bug 1060362 for CVE-2017-14494",
               url: "https://bugzilla.suse.com/1060362",
            },
            {
               category: "external",
               summary: "SUSE Bug 1060364 for CVE-2017-14494",
               url: "https://bugzilla.suse.com/1060364",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-02T13:53:30Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-14494",
      },
      {
         cve: "CVE-2017-14495",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-14495",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
               "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
               "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-14495",
               url: "https://www.suse.com/security/cve/CVE-2017-14495",
            },
            {
               category: "external",
               summary: "SUSE Bug 1060360 for CVE-2017-14495",
               url: "https://bugzilla.suse.com/1060360",
            },
            {
               category: "external",
               summary: "SUSE Bug 1060361 for CVE-2017-14495",
               url: "https://bugzilla.suse.com/1060361",
            },
            {
               category: "external",
               summary: "SUSE Bug 1060362 for CVE-2017-14495",
               url: "https://bugzilla.suse.com/1060362",
            },
            {
               category: "external",
               summary: "SUSE Bug 1060364 for CVE-2017-14495",
               url: "https://bugzilla.suse.com/1060364",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-02T13:53:30Z",
               details: "important",
            },
         ],
         title: "CVE-2017-14495",
      },
      {
         cve: "CVE-2017-14496",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-14496",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
               "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
               "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-14496",
               url: "https://www.suse.com/security/cve/CVE-2017-14496",
            },
            {
               category: "external",
               summary: "SUSE Bug 1060360 for CVE-2017-14496",
               url: "https://bugzilla.suse.com/1060360",
            },
            {
               category: "external",
               summary: "SUSE Bug 1060361 for CVE-2017-14496",
               url: "https://bugzilla.suse.com/1060361",
            },
            {
               category: "external",
               summary: "SUSE Bug 1060362 for CVE-2017-14496",
               url: "https://bugzilla.suse.com/1060362",
            },
            {
               category: "external",
               summary: "SUSE Bug 1060364 for CVE-2017-14496",
               url: "https://bugzilla.suse.com/1060364",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
                  "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-02T13:53:30Z",
               details: "important",
            },
         ],
         title: "CVE-2017-14496",
      },
   ],
}

cve-2017-14494

Vulnerability from cvelistv5

Published

2017-10-02 21:00

Modified

2024-08-05 19:27

Severity ?

Summary

dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1039474	vdb-entry, x_refsource_SECTRACK
	https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq	x_refsource_CONFIRM
	http://www.debian.org/security/2017/dsa-3989	vendor-advisory, x_refsource_DEBIAN
	https://access.redhat.com/security/vulnerabilities/3199382	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/101085	vdb-entry, x_refsource_BID
	http://www.ubuntu.com/usn/USN-3430-1	vendor-advisory, x_refsource_UBUNTU
	http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=33e3f1029c9ec6c63e430ff51063a6301d4b2262	x_refsource_CONFIRM
	https://www.kb.cert.org/vuls/id/973527	third-party-advisory, x_refsource_CERT-VN
	https://security.gentoo.org/glsa/201710-27	vendor-advisory, x_refsource_GENTOO
	http://www.ubuntu.com/usn/USN-3430-2	vendor-advisory, x_refsource_UBUNTU
	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html	mailing-list, x_refsource_MLIST
	https://access.redhat.com/errata/RHSA-2017:2836	vendor-advisory, x_refsource_REDHAT
	http://nvidia.custhelp.com/app/answers/detail/a_id/4561	x_refsource_CONFIRM
	http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:2837	vendor-advisory, x_refsource_REDHAT
	https://www.exploit-db.com/exploits/42944/	exploit, x_refsource_EXPLOIT-DB
	http://thekelleys.org.uk/dnsmasq/CHANGELOG	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html	vendor-advisory, x_refsource_SUSE
	https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html	x_refsource_MISC
	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T19:27:40.722Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "1039474",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1039474",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq",
               },
               {
                  name: "DSA-3989",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3989",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/vulnerabilities/3199382",
               },
               {
                  name: "101085",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/101085",
               },
               {
                  name: "USN-3430-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3430-1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=33e3f1029c9ec6c63e430ff51063a6301d4b2262",
               },
               {
                  name: "VU#973527",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_CERT-VN",
                     "x_transferred",
                  ],
                  url: "https://www.kb.cert.org/vuls/id/973527",
               },
               {
                  name: "GLSA-201710-27",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/201710-27",
               },
               {
                  name: "USN-3430-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3430-2",
               },
               {
                  name: "[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78.",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html",
               },
               {
                  name: "RHSA-2017:2836",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2836",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt",
               },
               {
                  name: "RHSA-2017:2837",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2837",
               },
               {
                  name: "42944",
                  tags: [
                     "exploit",
                     "x_refsource_EXPLOIT-DB",
                     "x_transferred",
                  ],
                  url: "https://www.exploit-db.com/exploits/42944/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://thekelleys.org.uk/dnsmasq/CHANGELOG",
               },
               {
                  name: "openSUSE-SU-2017:2633",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html",
               },
               {
                  name: "[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION.",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-10-02T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-03-03T10:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "1039474",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1039474",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq",
            },
            {
               name: "DSA-3989",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3989",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://access.redhat.com/security/vulnerabilities/3199382",
            },
            {
               name: "101085",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/101085",
            },
            {
               name: "USN-3430-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3430-1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=33e3f1029c9ec6c63e430ff51063a6301d4b2262",
            },
            {
               name: "VU#973527",
               tags: [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
               ],
               url: "https://www.kb.cert.org/vuls/id/973527",
            },
            {
               name: "GLSA-201710-27",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "https://security.gentoo.org/glsa/201710-27",
            },
            {
               name: "USN-3430-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3430-2",
            },
            {
               name: "[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78.",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html",
            },
            {
               name: "RHSA-2017:2836",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2836",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt",
            },
            {
               name: "RHSA-2017:2837",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2837",
            },
            {
               name: "42944",
               tags: [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
               ],
               url: "https://www.exploit-db.com/exploits/42944/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://thekelleys.org.uk/dnsmasq/CHANGELOG",
            },
            {
               name: "openSUSE-SU-2017:2633",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html",
            },
            {
               name: "[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION.",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-14494",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "1039474",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1039474",
                  },
                  {
                     name: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq",
                     refsource: "CONFIRM",
                     url: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq",
                  },
                  {
                     name: "DSA-3989",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3989",
                  },
                  {
                     name: "https://access.redhat.com/security/vulnerabilities/3199382",
                     refsource: "CONFIRM",
                     url: "https://access.redhat.com/security/vulnerabilities/3199382",
                  },
                  {
                     name: "101085",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/101085",
                  },
                  {
                     name: "USN-3430-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3430-1",
                  },
                  {
                     name: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=33e3f1029c9ec6c63e430ff51063a6301d4b2262",
                     refsource: "CONFIRM",
                     url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=33e3f1029c9ec6c63e430ff51063a6301d4b2262",
                  },
                  {
                     name: "VU#973527",
                     refsource: "CERT-VN",
                     url: "https://www.kb.cert.org/vuls/id/973527",
                  },
                  {
                     name: "GLSA-201710-27",
                     refsource: "GENTOO",
                     url: "https://security.gentoo.org/glsa/201710-27",
                  },
                  {
                     name: "USN-3430-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3430-2",
                  },
                  {
                     name: "[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78.",
                     refsource: "MLIST",
                     url: "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11665.html",
                  },
                  {
                     name: "RHSA-2017:2836",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2836",
                  },
                  {
                     name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
                     refsource: "CONFIRM",
                     url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
                  },
                  {
                     name: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt",
                     refsource: "CONFIRM",
                     url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt",
                  },
                  {
                     name: "RHSA-2017:2837",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2837",
                  },
                  {
                     name: "42944",
                     refsource: "EXPLOIT-DB",
                     url: "https://www.exploit-db.com/exploits/42944/",
                  },
                  {
                     name: "http://thekelleys.org.uk/dnsmasq/CHANGELOG",
                     refsource: "CONFIRM",
                     url: "http://thekelleys.org.uk/dnsmasq/CHANGELOG",
                  },
                  {
                     name: "openSUSE-SU-2017:2633",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html",
                  },
                  {
                     name: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html",
                     refsource: "MISC",
                     url: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html",
                  },
                  {
                     name: "[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION.",
                     refsource: "MLIST",
                     url: "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11664.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-14494",
      datePublished: "2017-10-02T21:00:00",
      dateReserved: "2017-09-15T00:00:00",
      dateUpdated: "2024-08-05T19:27:40.722Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-14491

Vulnerability from cvelistv5

Published

2017-10-02 21:00

Modified

2024-08-05 19:27

Severity ?

Summary

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1039474	vdb-entry, x_refsource_SECTRACK
	https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq	x_refsource_CONFIRM
	http://www.debian.org/security/2017/dsa-3989	vendor-advisory, x_refsource_DEBIAN
	https://access.redhat.com/security/vulnerabilities/3199382	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/101085	vdb-entry, x_refsource_BID
	http://www.ubuntu.com/usn/USN-3430-1	vendor-advisory, x_refsource_UBUNTU
	http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=0549c73b7ea6b22a3c49beb4d432f185a81efcbc	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/101977	vdb-entry, x_refsource_BID
	https://access.redhat.com/errata/RHSA-2017:2838	vendor-advisory, x_refsource_REDHAT
	https://www.kb.cert.org/vuls/id/973527	third-party-advisory, x_refsource_CERT-VN
	https://security.gentoo.org/glsa/201710-27	vendor-advisory, x_refsource_GENTOO
	https://access.redhat.com/errata/RHSA-2017:2840	vendor-advisory, x_refsource_REDHAT
	http://www.ubuntu.com/usn/USN-3430-2	vendor-advisory, x_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2017:2839	vendor-advisory, x_refsource_REDHAT
	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html	mailing-list, x_refsource_MLIST
	https://access.redhat.com/errata/RHSA-2017:2836	vendor-advisory, x_refsource_REDHAT
	http://nvidia.custhelp.com/app/answers/detail/a_id/4561	x_refsource_CONFIRM
	http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:2837	vendor-advisory, x_refsource_REDHAT
	https://www.exploit-db.com/exploits/42941/	exploit, x_refsource_EXPLOIT-DB
	http://thekelleys.org.uk/dnsmasq/CHANGELOG	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:2841	vendor-advisory, x_refsource_REDHAT
	http://nvidia.custhelp.com/app/answers/detail/a_id/4560	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html	vendor-advisory, x_refsource_SUSE
	https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html	x_refsource_MISC
	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html	mailing-list, x_refsource_MLIST
	https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf	x_refsource_CONFIRM
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MMPCJOYPPL4B5RBY4U425PWG7EETDTD/	vendor-advisory, x_refsource_FEDORA
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YXRZ2W6TV6NLUJC5NOFBSG6PZSMDTYPV/	vendor-advisory, x_refsource_FEDORA
	http://www.ubuntu.com/usn/USN-3430-3	vendor-advisory, x_refsource_UBUNTU
	http://packetstormsecurity.com/files/144480/Dnsmasq-2-Byte-Heap-Based-Overflow.html	x_refsource_MISC
	http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00005.html	vendor-advisory, x_refsource_SUSE
	https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449/	x_refsource_CONFIRM
	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171103-01-dnsmasq-en	x_refsource_CONFIRM
	https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449	x_refsource_CONFIRM
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/527KNN34RN2SB6MBJG7CKSEBWYE3TJEB/	vendor-advisory, x_refsource_FEDORA
	http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00003.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00004.html	vendor-advisory, x_refsource_SUSE
	https://www.debian.org/security/2017/dsa-3989	vendor-advisory, x_refsource_DEBIAN
	https://www.arista.com/en/support/advisories-notices/security-advisories/3577-security-advisory-30	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T19:27:40.755Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "1039474",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1039474",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq",
               },
               {
                  name: "DSA-3989",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3989",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/vulnerabilities/3199382",
               },
               {
                  name: "101085",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/101085",
               },
               {
                  name: "USN-3430-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3430-1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=0549c73b7ea6b22a3c49beb4d432f185a81efcbc",
               },
               {
                  name: "101977",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/101977",
               },
               {
                  name: "RHSA-2017:2838",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2838",
               },
               {
                  name: "VU#973527",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_CERT-VN",
                     "x_transferred",
                  ],
                  url: "https://www.kb.cert.org/vuls/id/973527",
               },
               {
                  name: "GLSA-201710-27",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/201710-27",
               },
               {
                  name: "RHSA-2017:2840",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2840",
               },
               {
                  name: "USN-3430-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3430-2",
               },
               {
                  name: "RHSA-2017:2839",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2839",
               },
               {
                  name: "[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78.",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html",
               },
               {
                  name: "RHSA-2017:2836",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2836",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt",
               },
               {
                  name: "RHSA-2017:2837",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2837",
               },
               {
                  name: "42941",
                  tags: [
                     "exploit",
                     "x_refsource_EXPLOIT-DB",
                     "x_transferred",
                  ],
                  url: "https://www.exploit-db.com/exploits/42941/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://thekelleys.org.uk/dnsmasq/CHANGELOG",
               },
               {
                  name: "RHSA-2017:2841",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2841",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4560",
               },
               {
                  name: "openSUSE-SU-2017:2633",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html",
               },
               {
                  name: "[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION.",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf",
               },
               {
                  name: "FEDORA-2017-515264ae24",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MMPCJOYPPL4B5RBY4U425PWG7EETDTD/",
               },
               {
                  name: "FEDORA-2017-24f067299e",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YXRZ2W6TV6NLUJC5NOFBSG6PZSMDTYPV/",
               },
               {
                  name: "USN-3430-3",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3430-3",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://packetstormsecurity.com/files/144480/Dnsmasq-2-Byte-Heap-Based-Overflow.html",
               },
               {
                  name: "SUSE-SU-2017:2619",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00005.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171103-01-dnsmasq-en",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449",
               },
               {
                  name: "FEDORA-2017-7106a157f5",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/527KNN34RN2SB6MBJG7CKSEBWYE3TJEB/",
               },
               {
                  name: "SUSE-SU-2017:2616",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00003.html",
               },
               {
                  name: "SUSE-SU-2017:2617",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00004.html",
               },
               {
                  name: "DSA-3989",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "https://www.debian.org/security/2017/dsa-3989",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.arista.com/en/support/advisories-notices/security-advisories/3577-security-advisory-30",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-10-02T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-11-08T11:42:39",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "1039474",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1039474",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq",
            },
            {
               name: "DSA-3989",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3989",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://access.redhat.com/security/vulnerabilities/3199382",
            },
            {
               name: "101085",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/101085",
            },
            {
               name: "USN-3430-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3430-1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=0549c73b7ea6b22a3c49beb4d432f185a81efcbc",
            },
            {
               name: "101977",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/101977",
            },
            {
               name: "RHSA-2017:2838",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2838",
            },
            {
               name: "VU#973527",
               tags: [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
               ],
               url: "https://www.kb.cert.org/vuls/id/973527",
            },
            {
               name: "GLSA-201710-27",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "https://security.gentoo.org/glsa/201710-27",
            },
            {
               name: "RHSA-2017:2840",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2840",
            },
            {
               name: "USN-3430-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3430-2",
            },
            {
               name: "RHSA-2017:2839",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2839",
            },
            {
               name: "[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78.",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html",
            },
            {
               name: "RHSA-2017:2836",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2836",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt",
            },
            {
               name: "RHSA-2017:2837",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2837",
            },
            {
               name: "42941",
               tags: [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
               ],
               url: "https://www.exploit-db.com/exploits/42941/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://thekelleys.org.uk/dnsmasq/CHANGELOG",
            },
            {
               name: "RHSA-2017:2841",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2841",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4560",
            },
            {
               name: "openSUSE-SU-2017:2633",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html",
            },
            {
               name: "[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION.",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf",
            },
            {
               name: "FEDORA-2017-515264ae24",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MMPCJOYPPL4B5RBY4U425PWG7EETDTD/",
            },
            {
               name: "FEDORA-2017-24f067299e",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YXRZ2W6TV6NLUJC5NOFBSG6PZSMDTYPV/",
            },
            {
               name: "USN-3430-3",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3430-3",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://packetstormsecurity.com/files/144480/Dnsmasq-2-Byte-Heap-Based-Overflow.html",
            },
            {
               name: "SUSE-SU-2017:2619",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00005.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171103-01-dnsmasq-en",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449",
            },
            {
               name: "FEDORA-2017-7106a157f5",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/527KNN34RN2SB6MBJG7CKSEBWYE3TJEB/",
            },
            {
               name: "SUSE-SU-2017:2616",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00003.html",
            },
            {
               name: "SUSE-SU-2017:2617",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00004.html",
            },
            {
               name: "DSA-3989",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "https://www.debian.org/security/2017/dsa-3989",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.arista.com/en/support/advisories-notices/security-advisories/3577-security-advisory-30",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-14491",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "1039474",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1039474",
                  },
                  {
                     name: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq",
                     refsource: "CONFIRM",
                     url: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq",
                  },
                  {
                     name: "DSA-3989",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3989",
                  },
                  {
                     name: "https://access.redhat.com/security/vulnerabilities/3199382",
                     refsource: "CONFIRM",
                     url: "https://access.redhat.com/security/vulnerabilities/3199382",
                  },
                  {
                     name: "101085",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/101085",
                  },
                  {
                     name: "USN-3430-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3430-1",
                  },
                  {
                     name: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=0549c73b7ea6b22a3c49beb4d432f185a81efcbc",
                     refsource: "CONFIRM",
                     url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=0549c73b7ea6b22a3c49beb4d432f185a81efcbc",
                  },
                  {
                     name: "101977",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/101977",
                  },
                  {
                     name: "RHSA-2017:2838",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2838",
                  },
                  {
                     name: "VU#973527",
                     refsource: "CERT-VN",
                     url: "https://www.kb.cert.org/vuls/id/973527",
                  },
                  {
                     name: "GLSA-201710-27",
                     refsource: "GENTOO",
                     url: "https://security.gentoo.org/glsa/201710-27",
                  },
                  {
                     name: "RHSA-2017:2840",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2840",
                  },
                  {
                     name: "USN-3430-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3430-2",
                  },
                  {
                     name: "RHSA-2017:2839",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2839",
                  },
                  {
                     name: "[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78.",
                     refsource: "MLIST",
                     url: "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11665.html",
                  },
                  {
                     name: "RHSA-2017:2836",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2836",
                  },
                  {
                     name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
                     refsource: "CONFIRM",
                     url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
                  },
                  {
                     name: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt",
                     refsource: "CONFIRM",
                     url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt",
                  },
                  {
                     name: "RHSA-2017:2837",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2837",
                  },
                  {
                     name: "42941",
                     refsource: "EXPLOIT-DB",
                     url: "https://www.exploit-db.com/exploits/42941/",
                  },
                  {
                     name: "http://thekelleys.org.uk/dnsmasq/CHANGELOG",
                     refsource: "CONFIRM",
                     url: "http://thekelleys.org.uk/dnsmasq/CHANGELOG",
                  },
                  {
                     name: "RHSA-2017:2841",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2841",
                  },
                  {
                     name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4560",
                     refsource: "CONFIRM",
                     url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4560",
                  },
                  {
                     name: "openSUSE-SU-2017:2633",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html",
                  },
                  {
                     name: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html",
                     refsource: "MISC",
                     url: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html",
                  },
                  {
                     name: "[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION.",
                     refsource: "MLIST",
                     url: "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11664.html",
                  },
                  {
                     name: "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf",
                     refsource: "CONFIRM",
                     url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf",
                  },
                  {
                     name: "FEDORA-2017-515264ae24",
                     refsource: "FEDORA",
                     url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5MMPCJOYPPL4B5RBY4U425PWG7EETDTD/",
                  },
                  {
                     name: "FEDORA-2017-24f067299e",
                     refsource: "FEDORA",
                     url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YXRZ2W6TV6NLUJC5NOFBSG6PZSMDTYPV/",
                  },
                  {
                     name: "USN-3430-3",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3430-3",
                  },
                  {
                     name: "http://packetstormsecurity.com/files/144480/Dnsmasq-2-Byte-Heap-Based-Overflow.html",
                     refsource: "MISC",
                     url: "http://packetstormsecurity.com/files/144480/Dnsmasq-2-Byte-Heap-Based-Overflow.html",
                  },
                  {
                     name: "SUSE-SU-2017:2619",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00005.html",
                  },
                  {
                     name: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449/",
                     refsource: "CONFIRM",
                     url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449/",
                  },
                  {
                     name: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171103-01-dnsmasq-en",
                     refsource: "CONFIRM",
                     url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171103-01-dnsmasq-en",
                  },
                  {
                     name: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449",
                     refsource: "CONFIRM",
                     url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449",
                  },
                  {
                     name: "FEDORA-2017-7106a157f5",
                     refsource: "FEDORA",
                     url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/527KNN34RN2SB6MBJG7CKSEBWYE3TJEB/",
                  },
                  {
                     name: "SUSE-SU-2017:2616",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00003.html",
                  },
                  {
                     name: "SUSE-SU-2017:2617",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00004.html",
                  },
                  {
                     name: "DSA-3989",
                     refsource: "DEBIAN",
                     url: "https://www.debian.org/security/2017/dsa-3989",
                  },
                  {
                     name: "https://www.arista.com/en/support/advisories-notices/security-advisories/3577-security-advisory-30",
                     refsource: "MISC",
                     url: "https://www.arista.com/en/support/advisories-notices/security-advisories/3577-security-advisory-30",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-14491",
      datePublished: "2017-10-02T21:00:00",
      dateReserved: "2017-09-15T00:00:00",
      dateUpdated: "2024-08-05T19:27:40.755Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-14496

Vulnerability from cvelistv5

Published

2017-10-02 21:00

Modified

2024-08-05 19:27

Severity ?

Summary

Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1039474	vdb-entry, x_refsource_SECTRACK
	https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq	x_refsource_CONFIRM
	http://www.debian.org/security/2017/dsa-3989	vendor-advisory, x_refsource_DEBIAN
	https://access.redhat.com/security/vulnerabilities/3199382	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/101085	vdb-entry, x_refsource_BID
	http://www.ubuntu.com/usn/USN-3430-1	vendor-advisory, x_refsource_UBUNTU
	http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=897c113fda0886a28a986cc6ba17bb93bd6cb1c7	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/101977	vdb-entry, x_refsource_BID
	https://www.kb.cert.org/vuls/id/973527	third-party-advisory, x_refsource_CERT-VN
	https://security.gentoo.org/glsa/201710-27	vendor-advisory, x_refsource_GENTOO
	http://www.ubuntu.com/usn/USN-3430-2	vendor-advisory, x_refsource_UBUNTU
	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html	mailing-list, x_refsource_MLIST
	https://source.android.com/security/bulletin/2017-10-01	x_refsource_CONFIRM
	https://www.exploit-db.com/exploits/42946/	exploit, x_refsource_EXPLOIT-DB
	https://access.redhat.com/errata/RHSA-2017:2836	vendor-advisory, x_refsource_REDHAT
	http://nvidia.custhelp.com/app/answers/detail/a_id/4561	x_refsource_CONFIRM
	http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt	x_refsource_CONFIRM
	http://thekelleys.org.uk/dnsmasq/CHANGELOG	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html	vendor-advisory, x_refsource_SUSE
	https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html	x_refsource_MISC
	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html	mailing-list, x_refsource_MLIST
	https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T19:27:40.768Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "1039474",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1039474",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq",
               },
               {
                  name: "DSA-3989",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3989",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/vulnerabilities/3199382",
               },
               {
                  name: "101085",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/101085",
               },
               {
                  name: "USN-3430-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3430-1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=897c113fda0886a28a986cc6ba17bb93bd6cb1c7",
               },
               {
                  name: "101977",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/101977",
               },
               {
                  name: "VU#973527",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_CERT-VN",
                     "x_transferred",
                  ],
                  url: "https://www.kb.cert.org/vuls/id/973527",
               },
               {
                  name: "GLSA-201710-27",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/201710-27",
               },
               {
                  name: "USN-3430-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3430-2",
               },
               {
                  name: "[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78.",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/2017-10-01",
               },
               {
                  name: "42946",
                  tags: [
                     "exploit",
                     "x_refsource_EXPLOIT-DB",
                     "x_transferred",
                  ],
                  url: "https://www.exploit-db.com/exploits/42946/",
               },
               {
                  name: "RHSA-2017:2836",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2836",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://thekelleys.org.uk/dnsmasq/CHANGELOG",
               },
               {
                  name: "openSUSE-SU-2017:2633",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html",
               },
               {
                  name: "[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION.",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-10-02T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-05-10T09:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "1039474",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1039474",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq",
            },
            {
               name: "DSA-3989",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3989",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://access.redhat.com/security/vulnerabilities/3199382",
            },
            {
               name: "101085",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/101085",
            },
            {
               name: "USN-3430-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3430-1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=897c113fda0886a28a986cc6ba17bb93bd6cb1c7",
            },
            {
               name: "101977",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/101977",
            },
            {
               name: "VU#973527",
               tags: [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
               ],
               url: "https://www.kb.cert.org/vuls/id/973527",
            },
            {
               name: "GLSA-201710-27",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "https://security.gentoo.org/glsa/201710-27",
            },
            {
               name: "USN-3430-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3430-2",
            },
            {
               name: "[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78.",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/2017-10-01",
            },
            {
               name: "42946",
               tags: [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
               ],
               url: "https://www.exploit-db.com/exploits/42946/",
            },
            {
               name: "RHSA-2017:2836",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2836",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://thekelleys.org.uk/dnsmasq/CHANGELOG",
            },
            {
               name: "openSUSE-SU-2017:2633",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html",
            },
            {
               name: "[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION.",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-14496",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "1039474",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1039474",
                  },
                  {
                     name: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq",
                     refsource: "CONFIRM",
                     url: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq",
                  },
                  {
                     name: "DSA-3989",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3989",
                  },
                  {
                     name: "https://access.redhat.com/security/vulnerabilities/3199382",
                     refsource: "CONFIRM",
                     url: "https://access.redhat.com/security/vulnerabilities/3199382",
                  },
                  {
                     name: "101085",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/101085",
                  },
                  {
                     name: "USN-3430-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3430-1",
                  },
                  {
                     name: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=897c113fda0886a28a986cc6ba17bb93bd6cb1c7",
                     refsource: "CONFIRM",
                     url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=897c113fda0886a28a986cc6ba17bb93bd6cb1c7",
                  },
                  {
                     name: "101977",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/101977",
                  },
                  {
                     name: "VU#973527",
                     refsource: "CERT-VN",
                     url: "https://www.kb.cert.org/vuls/id/973527",
                  },
                  {
                     name: "GLSA-201710-27",
                     refsource: "GENTOO",
                     url: "https://security.gentoo.org/glsa/201710-27",
                  },
                  {
                     name: "USN-3430-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3430-2",
                  },
                  {
                     name: "[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78.",
                     refsource: "MLIST",
                     url: "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11665.html",
                  },
                  {
                     name: "https://source.android.com/security/bulletin/2017-10-01",
                     refsource: "CONFIRM",
                     url: "https://source.android.com/security/bulletin/2017-10-01",
                  },
                  {
                     name: "42946",
                     refsource: "EXPLOIT-DB",
                     url: "https://www.exploit-db.com/exploits/42946/",
                  },
                  {
                     name: "RHSA-2017:2836",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2836",
                  },
                  {
                     name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
                     refsource: "CONFIRM",
                     url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
                  },
                  {
                     name: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt",
                     refsource: "CONFIRM",
                     url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt",
                  },
                  {
                     name: "http://thekelleys.org.uk/dnsmasq/CHANGELOG",
                     refsource: "CONFIRM",
                     url: "http://thekelleys.org.uk/dnsmasq/CHANGELOG",
                  },
                  {
                     name: "openSUSE-SU-2017:2633",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html",
                  },
                  {
                     name: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html",
                     refsource: "MISC",
                     url: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html",
                  },
                  {
                     name: "[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION.",
                     refsource: "MLIST",
                     url: "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11664.html",
                  },
                  {
                     name: "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf",
                     refsource: "CONFIRM",
                     url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-14496",
      datePublished: "2017-10-02T21:00:00",
      dateReserved: "2017-09-15T00:00:00",
      dateUpdated: "2024-08-05T19:27:40.768Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2015-3294

Vulnerability from cvelistv5

Published

2015-05-08 14:00

Modified

2024-08-06 05:39

Severity ?

Summary

The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.

References

▼	URL	Tags
	http://www.debian.org/security/2015/dsa-3251	vendor-advisory, x_refsource_DEBIAN
	http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009382.html	mailing-list, x_refsource_MLIST
	http://lists.opensuse.org/opensuse-updates/2015-05/msg00013.html	vendor-advisory, x_refsource_SUSE
	http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=ad4a8ff7d9097008d7623df8543df435bfddeac8	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2593-1	vendor-advisory, x_refsource_UBUNTU
	https://security.gentoo.org/glsa/201512-01	vendor-advisory, x_refsource_GENTOO
	http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009387.html	mailing-list, x_refsource_MLIST
	http://www.securitytracker.com/id/1032195	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/bid/74452	vdb-entry, x_refsource_BID
	http://www.securityfocus.com/archive/1/535354/100/1100/threaded	mailing-list, x_refsource_BUGTRAQ

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T05:39:32.054Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "DSA-3251",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2015/dsa-3251",
               },
               {
                  name: "[Dnsmasq-discuss] 20150407 dnsmsaq potential vulnerability",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009382.html",
               },
               {
                  name: "openSUSE-SU-2015:0857",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-updates/2015-05/msg00013.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=ad4a8ff7d9097008d7623df8543df435bfddeac8",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
               },
               {
                  name: "USN-2593-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2593-1",
               },
               {
                  name: "GLSA-201512-01",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/201512-01",
               },
               {
                  name: "[Dnsmasq-discuss] 20150407 dnsmsaq potential vulnerability",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009387.html",
               },
               {
                  name: "1032195",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032195",
               },
               {
                  name: "74452",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/74452",
               },
               {
                  name: "20150423 Dnsmasq 2.72 Unchecked returned value",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/archive/1/535354/100/1100/threaded",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2015-04-07T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-10-09T18:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "DSA-3251",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2015/dsa-3251",
            },
            {
               name: "[Dnsmasq-discuss] 20150407 dnsmsaq potential vulnerability",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009382.html",
            },
            {
               name: "openSUSE-SU-2015:0857",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-updates/2015-05/msg00013.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=ad4a8ff7d9097008d7623df8543df435bfddeac8",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
            },
            {
               name: "USN-2593-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2593-1",
            },
            {
               name: "GLSA-201512-01",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "https://security.gentoo.org/glsa/201512-01",
            },
            {
               name: "[Dnsmasq-discuss] 20150407 dnsmsaq potential vulnerability",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009387.html",
            },
            {
               name: "1032195",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1032195",
            },
            {
               name: "74452",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/74452",
            },
            {
               name: "20150423 Dnsmasq 2.72 Unchecked returned value",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://www.securityfocus.com/archive/1/535354/100/1100/threaded",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2015-3294",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "DSA-3251",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2015/dsa-3251",
                  },
                  {
                     name: "[Dnsmasq-discuss] 20150407 dnsmsaq potential vulnerability",
                     refsource: "MLIST",
                     url: "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009382.html",
                  },
                  {
                     name: "openSUSE-SU-2015:0857",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-updates/2015-05/msg00013.html",
                  },
                  {
                     name: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=ad4a8ff7d9097008d7623df8543df435bfddeac8",
                     refsource: "CONFIRM",
                     url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=ad4a8ff7d9097008d7623df8543df435bfddeac8",
                  },
                  {
                     name: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
                     refsource: "CONFIRM",
                     url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
                  },
                  {
                     name: "USN-2593-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-2593-1",
                  },
                  {
                     name: "GLSA-201512-01",
                     refsource: "GENTOO",
                     url: "https://security.gentoo.org/glsa/201512-01",
                  },
                  {
                     name: "[Dnsmasq-discuss] 20150407 dnsmsaq potential vulnerability",
                     refsource: "MLIST",
                     url: "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009387.html",
                  },
                  {
                     name: "1032195",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1032195",
                  },
                  {
                     name: "74452",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/74452",
                  },
                  {
                     name: "20150423 Dnsmasq 2.72 Unchecked returned value",
                     refsource: "BUGTRAQ",
                     url: "http://www.securityfocus.com/archive/1/535354/100/1100/threaded",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2015-3294",
      datePublished: "2015-05-08T14:00:00",
      dateReserved: "2015-04-10T00:00:00",
      dateUpdated: "2024-08-06T05:39:32.054Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-14493

Vulnerability from cvelistv5

Published

2017-10-02 21:00

Modified

2024-08-05 19:27

Severity ?

Summary

Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1039474	vdb-entry, x_refsource_SECTRACK
	https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq	x_refsource_CONFIRM
	http://www.debian.org/security/2017/dsa-3989	vendor-advisory, x_refsource_DEBIAN
	http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=3d4ff1ba8419546490b464418223132529514033	x_refsource_CONFIRM
	https://access.redhat.com/security/vulnerabilities/3199382	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/101085	vdb-entry, x_refsource_BID
	https://www.exploit-db.com/exploits/42943/	exploit, x_refsource_EXPLOIT-DB
	http://www.ubuntu.com/usn/USN-3430-1	vendor-advisory, x_refsource_UBUNTU
	https://www.kb.cert.org/vuls/id/973527	third-party-advisory, x_refsource_CERT-VN
	https://security.gentoo.org/glsa/201710-27	vendor-advisory, x_refsource_GENTOO
	http://www.ubuntu.com/usn/USN-3430-2	vendor-advisory, x_refsource_UBUNTU
	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html	mailing-list, x_refsource_MLIST
	https://access.redhat.com/errata/RHSA-2017:2836	vendor-advisory, x_refsource_REDHAT
	http://nvidia.custhelp.com/app/answers/detail/a_id/4561	x_refsource_CONFIRM
	http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:2837	vendor-advisory, x_refsource_REDHAT
	http://thekelleys.org.uk/dnsmasq/CHANGELOG	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html	vendor-advisory, x_refsource_SUSE
	https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html	x_refsource_MISC
	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T19:27:40.669Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "1039474",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1039474",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq",
               },
               {
                  name: "DSA-3989",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3989",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=3d4ff1ba8419546490b464418223132529514033",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/vulnerabilities/3199382",
               },
               {
                  name: "101085",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/101085",
               },
               {
                  name: "42943",
                  tags: [
                     "exploit",
                     "x_refsource_EXPLOIT-DB",
                     "x_transferred",
                  ],
                  url: "https://www.exploit-db.com/exploits/42943/",
               },
               {
                  name: "USN-3430-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3430-1",
               },
               {
                  name: "VU#973527",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_CERT-VN",
                     "x_transferred",
                  ],
                  url: "https://www.kb.cert.org/vuls/id/973527",
               },
               {
                  name: "GLSA-201710-27",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/201710-27",
               },
               {
                  name: "USN-3430-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3430-2",
               },
               {
                  name: "[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78.",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html",
               },
               {
                  name: "RHSA-2017:2836",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2836",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt",
               },
               {
                  name: "RHSA-2017:2837",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2837",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://thekelleys.org.uk/dnsmasq/CHANGELOG",
               },
               {
                  name: "openSUSE-SU-2017:2633",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html",
               },
               {
                  name: "[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION.",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-10-02T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-03-03T10:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "1039474",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1039474",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq",
            },
            {
               name: "DSA-3989",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3989",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=3d4ff1ba8419546490b464418223132529514033",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://access.redhat.com/security/vulnerabilities/3199382",
            },
            {
               name: "101085",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/101085",
            },
            {
               name: "42943",
               tags: [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
               ],
               url: "https://www.exploit-db.com/exploits/42943/",
            },
            {
               name: "USN-3430-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3430-1",
            },
            {
               name: "VU#973527",
               tags: [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
               ],
               url: "https://www.kb.cert.org/vuls/id/973527",
            },
            {
               name: "GLSA-201710-27",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "https://security.gentoo.org/glsa/201710-27",
            },
            {
               name: "USN-3430-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3430-2",
            },
            {
               name: "[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78.",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html",
            },
            {
               name: "RHSA-2017:2836",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2836",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt",
            },
            {
               name: "RHSA-2017:2837",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2837",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://thekelleys.org.uk/dnsmasq/CHANGELOG",
            },
            {
               name: "openSUSE-SU-2017:2633",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html",
            },
            {
               name: "[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION.",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-14493",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "1039474",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1039474",
                  },
                  {
                     name: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq",
                     refsource: "CONFIRM",
                     url: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq",
                  },
                  {
                     name: "DSA-3989",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3989",
                  },
                  {
                     name: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=3d4ff1ba8419546490b464418223132529514033",
                     refsource: "CONFIRM",
                     url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=3d4ff1ba8419546490b464418223132529514033",
                  },
                  {
                     name: "https://access.redhat.com/security/vulnerabilities/3199382",
                     refsource: "CONFIRM",
                     url: "https://access.redhat.com/security/vulnerabilities/3199382",
                  },
                  {
                     name: "101085",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/101085",
                  },
                  {
                     name: "42943",
                     refsource: "EXPLOIT-DB",
                     url: "https://www.exploit-db.com/exploits/42943/",
                  },
                  {
                     name: "USN-3430-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3430-1",
                  },
                  {
                     name: "VU#973527",
                     refsource: "CERT-VN",
                     url: "https://www.kb.cert.org/vuls/id/973527",
                  },
                  {
                     name: "GLSA-201710-27",
                     refsource: "GENTOO",
                     url: "https://security.gentoo.org/glsa/201710-27",
                  },
                  {
                     name: "USN-3430-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3430-2",
                  },
                  {
                     name: "[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78.",
                     refsource: "MLIST",
                     url: "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11665.html",
                  },
                  {
                     name: "RHSA-2017:2836",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2836",
                  },
                  {
                     name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
                     refsource: "CONFIRM",
                     url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
                  },
                  {
                     name: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt",
                     refsource: "CONFIRM",
                     url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt",
                  },
                  {
                     name: "RHSA-2017:2837",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2837",
                  },
                  {
                     name: "http://thekelleys.org.uk/dnsmasq/CHANGELOG",
                     refsource: "CONFIRM",
                     url: "http://thekelleys.org.uk/dnsmasq/CHANGELOG",
                  },
                  {
                     name: "openSUSE-SU-2017:2633",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html",
                  },
                  {
                     name: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html",
                     refsource: "MISC",
                     url: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html",
                  },
                  {
                     name: "[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION.",
                     refsource: "MLIST",
                     url: "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11664.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-14493",
      datePublished: "2017-10-02T21:00:00",
      dateReserved: "2017-09-15T00:00:00",
      dateUpdated: "2024-08-05T19:27:40.669Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-14492

Vulnerability from cvelistv5

Published

2017-10-02 21:00

Modified

2024-08-05 19:27

Severity ?

Summary

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1039474	vdb-entry, x_refsource_SECTRACK
	https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq	x_refsource_CONFIRM
	http://www.debian.org/security/2017/dsa-3989	vendor-advisory, x_refsource_DEBIAN
	https://access.redhat.com/security/vulnerabilities/3199382	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/101085	vdb-entry, x_refsource_BID
	http://www.ubuntu.com/usn/USN-3430-1	vendor-advisory, x_refsource_UBUNTU
	https://www.kb.cert.org/vuls/id/973527	third-party-advisory, x_refsource_CERT-VN
	https://security.gentoo.org/glsa/201710-27	vendor-advisory, x_refsource_GENTOO
	http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=24036ea507862c7b7898b68289c8130f85599c10	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3430-2	vendor-advisory, x_refsource_UBUNTU
	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html	mailing-list, x_refsource_MLIST
	https://www.exploit-db.com/exploits/42942/	exploit, x_refsource_EXPLOIT-DB
	https://access.redhat.com/errata/RHSA-2017:2836	vendor-advisory, x_refsource_REDHAT
	http://nvidia.custhelp.com/app/answers/detail/a_id/4561	x_refsource_CONFIRM
	http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:2837	vendor-advisory, x_refsource_REDHAT
	http://thekelleys.org.uk/dnsmasq/CHANGELOG	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html	vendor-advisory, x_refsource_SUSE
	https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html	x_refsource_MISC
	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T19:27:40.807Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "1039474",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1039474",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq",
               },
               {
                  name: "DSA-3989",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3989",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/vulnerabilities/3199382",
               },
               {
                  name: "101085",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/101085",
               },
               {
                  name: "USN-3430-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3430-1",
               },
               {
                  name: "VU#973527",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_CERT-VN",
                     "x_transferred",
                  ],
                  url: "https://www.kb.cert.org/vuls/id/973527",
               },
               {
                  name: "GLSA-201710-27",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/201710-27",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=24036ea507862c7b7898b68289c8130f85599c10",
               },
               {
                  name: "USN-3430-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3430-2",
               },
               {
                  name: "[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78.",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html",
               },
               {
                  name: "42942",
                  tags: [
                     "exploit",
                     "x_refsource_EXPLOIT-DB",
                     "x_transferred",
                  ],
                  url: "https://www.exploit-db.com/exploits/42942/",
               },
               {
                  name: "RHSA-2017:2836",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2836",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt",
               },
               {
                  name: "RHSA-2017:2837",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2837",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://thekelleys.org.uk/dnsmasq/CHANGELOG",
               },
               {
                  name: "openSUSE-SU-2017:2633",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html",
               },
               {
                  name: "[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION.",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-10-02T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-03-03T10:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "1039474",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1039474",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq",
            },
            {
               name: "DSA-3989",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3989",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://access.redhat.com/security/vulnerabilities/3199382",
            },
            {
               name: "101085",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/101085",
            },
            {
               name: "USN-3430-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3430-1",
            },
            {
               name: "VU#973527",
               tags: [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
               ],
               url: "https://www.kb.cert.org/vuls/id/973527",
            },
            {
               name: "GLSA-201710-27",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "https://security.gentoo.org/glsa/201710-27",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=24036ea507862c7b7898b68289c8130f85599c10",
            },
            {
               name: "USN-3430-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3430-2",
            },
            {
               name: "[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78.",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html",
            },
            {
               name: "42942",
               tags: [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
               ],
               url: "https://www.exploit-db.com/exploits/42942/",
            },
            {
               name: "RHSA-2017:2836",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2836",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt",
            },
            {
               name: "RHSA-2017:2837",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2837",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://thekelleys.org.uk/dnsmasq/CHANGELOG",
            },
            {
               name: "openSUSE-SU-2017:2633",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html",
            },
            {
               name: "[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION.",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-14492",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "1039474",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1039474",
                  },
                  {
                     name: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq",
                     refsource: "CONFIRM",
                     url: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq",
                  },
                  {
                     name: "DSA-3989",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3989",
                  },
                  {
                     name: "https://access.redhat.com/security/vulnerabilities/3199382",
                     refsource: "CONFIRM",
                     url: "https://access.redhat.com/security/vulnerabilities/3199382",
                  },
                  {
                     name: "101085",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/101085",
                  },
                  {
                     name: "USN-3430-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3430-1",
                  },
                  {
                     name: "VU#973527",
                     refsource: "CERT-VN",
                     url: "https://www.kb.cert.org/vuls/id/973527",
                  },
                  {
                     name: "GLSA-201710-27",
                     refsource: "GENTOO",
                     url: "https://security.gentoo.org/glsa/201710-27",
                  },
                  {
                     name: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=24036ea507862c7b7898b68289c8130f85599c10",
                     refsource: "CONFIRM",
                     url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=24036ea507862c7b7898b68289c8130f85599c10",
                  },
                  {
                     name: "USN-3430-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3430-2",
                  },
                  {
                     name: "[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78.",
                     refsource: "MLIST",
                     url: "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11665.html",
                  },
                  {
                     name: "42942",
                     refsource: "EXPLOIT-DB",
                     url: "https://www.exploit-db.com/exploits/42942/",
                  },
                  {
                     name: "RHSA-2017:2836",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2836",
                  },
                  {
                     name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
                     refsource: "CONFIRM",
                     url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
                  },
                  {
                     name: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt",
                     refsource: "CONFIRM",
                     url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt",
                  },
                  {
                     name: "RHSA-2017:2837",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2837",
                  },
                  {
                     name: "http://thekelleys.org.uk/dnsmasq/CHANGELOG",
                     refsource: "CONFIRM",
                     url: "http://thekelleys.org.uk/dnsmasq/CHANGELOG",
                  },
                  {
                     name: "openSUSE-SU-2017:2633",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html",
                  },
                  {
                     name: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html",
                     refsource: "MISC",
                     url: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html",
                  },
                  {
                     name: "[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION.",
                     refsource: "MLIST",
                     url: "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11664.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-14492",
      datePublished: "2017-10-02T21:00:00",
      dateReserved: "2017-09-15T00:00:00",
      dateUpdated: "2024-08-05T19:27:40.807Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2015-8899

Vulnerability from cvelistv5

Published

2016-06-30 17:00

Modified

2024-08-06 08:29

Severity ?

Summary

Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/91031	vdb-entry, x_refsource_BID
	http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010479.html	mailing-list, x_refsource_MLIST
	http://www.ubuntu.com/usn/USN-3009-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010505.html	mailing-list, x_refsource_MLIST
	http://www.openwall.com/lists/oss-security/2016/06/04/2	mailing-list, x_refsource_MLIST
	http://www.securitytracker.com/id/1036045	vdb-entry, x_refsource_SECTRACK
	http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=41a8d9e99be9f2cc8b02051dd322cb45e0faac87	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2016/06/03/7	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T08:29:22.024Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "91031",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/91031",
               },
               {
                  name: "[Dnsmasq-discuss] 20160418 Dnsmasq 2.75 on Ubuntu 16.04 crashes reproducibly",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010479.html",
               },
               {
                  name: "USN-3009-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3009-1",
               },
               {
                  name: "[Dnsmasq-discuss] 20160503 Dnsmasq 2.75 on Ubuntu 16.04 crashes reproducibly",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010505.html",
               },
               {
                  name: "[oss-security] 20160603 Re: CVE Request: Dnsmasq denial of service",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/06/04/2",
               },
               {
                  name: "1036045",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1036045",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=41a8d9e99be9f2cc8b02051dd322cb45e0faac87",
               },
               {
                  name: "[oss-security] 20160603 CVE Request: Dnsmasq denial of service",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/06/03/7",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-04-18T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2016-11-25T19:57:01",
            orgId: "cc1ad9ee-3454-478d-9317-d3e869d708bc",
            shortName: "canonical",
         },
         references: [
            {
               name: "91031",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/91031",
            },
            {
               name: "[Dnsmasq-discuss] 20160418 Dnsmasq 2.75 on Ubuntu 16.04 crashes reproducibly",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010479.html",
            },
            {
               name: "USN-3009-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3009-1",
            },
            {
               name: "[Dnsmasq-discuss] 20160503 Dnsmasq 2.75 on Ubuntu 16.04 crashes reproducibly",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010505.html",
            },
            {
               name: "[oss-security] 20160603 Re: CVE Request: Dnsmasq denial of service",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/06/04/2",
            },
            {
               name: "1036045",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1036045",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=41a8d9e99be9f2cc8b02051dd322cb45e0faac87",
            },
            {
               name: "[oss-security] 20160603 CVE Request: Dnsmasq denial of service",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/06/03/7",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@ubuntu.com",
               ID: "CVE-2015-8899",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "91031",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/91031",
                  },
                  {
                     name: "[Dnsmasq-discuss] 20160418 Dnsmasq 2.75 on Ubuntu 16.04 crashes reproducibly",
                     refsource: "MLIST",
                     url: "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010479.html",
                  },
                  {
                     name: "USN-3009-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3009-1",
                  },
                  {
                     name: "[Dnsmasq-discuss] 20160503 Dnsmasq 2.75 on Ubuntu 16.04 crashes reproducibly",
                     refsource: "MLIST",
                     url: "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010505.html",
                  },
                  {
                     name: "[oss-security] 20160603 Re: CVE Request: Dnsmasq denial of service",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2016/06/04/2",
                  },
                  {
                     name: "1036045",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1036045",
                  },
                  {
                     name: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=41a8d9e99be9f2cc8b02051dd322cb45e0faac87",
                     refsource: "CONFIRM",
                     url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=41a8d9e99be9f2cc8b02051dd322cb45e0faac87",
                  },
                  {
                     name: "[oss-security] 20160603 CVE Request: Dnsmasq denial of service",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2016/06/03/7",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "cc1ad9ee-3454-478d-9317-d3e869d708bc",
      assignerShortName: "canonical",
      cveId: "CVE-2015-8899",
      datePublished: "2016-06-30T17:00:00",
      dateReserved: "2016-06-03T00:00:00",
      dateUpdated: "2024-08-06T08:29:22.024Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-14495

Vulnerability from cvelistv5

Published

2017-10-02 21:00

Modified

2024-08-05 19:27

Severity ?

Summary

Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1039474	vdb-entry, x_refsource_SECTRACK
	https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq	x_refsource_CONFIRM
	http://www.debian.org/security/2017/dsa-3989	vendor-advisory, x_refsource_DEBIAN
	https://access.redhat.com/security/vulnerabilities/3199382	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/101085	vdb-entry, x_refsource_BID
	http://www.ubuntu.com/usn/USN-3430-1	vendor-advisory, x_refsource_UBUNTU
	http://www.securityfocus.com/bid/101977	vdb-entry, x_refsource_BID
	https://www.kb.cert.org/vuls/id/973527	third-party-advisory, x_refsource_CERT-VN
	https://security.gentoo.org/glsa/201710-27	vendor-advisory, x_refsource_GENTOO
	http://www.ubuntu.com/usn/USN-3430-2	vendor-advisory, x_refsource_UBUNTU
	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html	mailing-list, x_refsource_MLIST
	https://access.redhat.com/errata/RHSA-2017:2836	vendor-advisory, x_refsource_REDHAT
	http://nvidia.custhelp.com/app/answers/detail/a_id/4561	x_refsource_CONFIRM
	http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt	x_refsource_CONFIRM
	http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=51eadb692a5123b9838e5a68ecace3ac579a3a45	x_refsource_CONFIRM
	https://www.exploit-db.com/exploits/42945/	exploit, x_refsource_EXPLOIT-DB
	http://thekelleys.org.uk/dnsmasq/CHANGELOG	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html	vendor-advisory, x_refsource_SUSE
	https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html	x_refsource_MISC
	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html	mailing-list, x_refsource_MLIST
	https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T19:27:40.779Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "1039474",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1039474",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq",
               },
               {
                  name: "DSA-3989",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3989",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/vulnerabilities/3199382",
               },
               {
                  name: "101085",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/101085",
               },
               {
                  name: "USN-3430-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3430-1",
               },
               {
                  name: "101977",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/101977",
               },
               {
                  name: "VU#973527",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_CERT-VN",
                     "x_transferred",
                  ],
                  url: "https://www.kb.cert.org/vuls/id/973527",
               },
               {
                  name: "GLSA-201710-27",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/201710-27",
               },
               {
                  name: "USN-3430-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3430-2",
               },
               {
                  name: "[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78.",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html",
               },
               {
                  name: "RHSA-2017:2836",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2836",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=51eadb692a5123b9838e5a68ecace3ac579a3a45",
               },
               {
                  name: "42945",
                  tags: [
                     "exploit",
                     "x_refsource_EXPLOIT-DB",
                     "x_transferred",
                  ],
                  url: "https://www.exploit-db.com/exploits/42945/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://thekelleys.org.uk/dnsmasq/CHANGELOG",
               },
               {
                  name: "openSUSE-SU-2017:2633",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html",
               },
               {
                  name: "[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION.",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-10-02T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-05-10T09:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "1039474",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1039474",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq",
            },
            {
               name: "DSA-3989",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3989",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://access.redhat.com/security/vulnerabilities/3199382",
            },
            {
               name: "101085",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/101085",
            },
            {
               name: "USN-3430-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3430-1",
            },
            {
               name: "101977",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/101977",
            },
            {
               name: "VU#973527",
               tags: [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
               ],
               url: "https://www.kb.cert.org/vuls/id/973527",
            },
            {
               name: "GLSA-201710-27",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "https://security.gentoo.org/glsa/201710-27",
            },
            {
               name: "USN-3430-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3430-2",
            },
            {
               name: "[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78.",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html",
            },
            {
               name: "RHSA-2017:2836",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2836",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=51eadb692a5123b9838e5a68ecace3ac579a3a45",
            },
            {
               name: "42945",
               tags: [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
               ],
               url: "https://www.exploit-db.com/exploits/42945/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://thekelleys.org.uk/dnsmasq/CHANGELOG",
            },
            {
               name: "openSUSE-SU-2017:2633",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html",
            },
            {
               name: "[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION.",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-14495",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "1039474",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1039474",
                  },
                  {
                     name: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq",
                     refsource: "CONFIRM",
                     url: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq",
                  },
                  {
                     name: "DSA-3989",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3989",
                  },
                  {
                     name: "https://access.redhat.com/security/vulnerabilities/3199382",
                     refsource: "CONFIRM",
                     url: "https://access.redhat.com/security/vulnerabilities/3199382",
                  },
                  {
                     name: "101085",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/101085",
                  },
                  {
                     name: "USN-3430-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3430-1",
                  },
                  {
                     name: "101977",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/101977",
                  },
                  {
                     name: "VU#973527",
                     refsource: "CERT-VN",
                     url: "https://www.kb.cert.org/vuls/id/973527",
                  },
                  {
                     name: "GLSA-201710-27",
                     refsource: "GENTOO",
                     url: "https://security.gentoo.org/glsa/201710-27",
                  },
                  {
                     name: "USN-3430-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3430-2",
                  },
                  {
                     name: "[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78.",
                     refsource: "MLIST",
                     url: "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11665.html",
                  },
                  {
                     name: "RHSA-2017:2836",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2836",
                  },
                  {
                     name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
                     refsource: "CONFIRM",
                     url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
                  },
                  {
                     name: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt",
                     refsource: "CONFIRM",
                     url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt",
                  },
                  {
                     name: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=51eadb692a5123b9838e5a68ecace3ac579a3a45",
                     refsource: "CONFIRM",
                     url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=51eadb692a5123b9838e5a68ecace3ac579a3a45",
                  },
                  {
                     name: "42945",
                     refsource: "EXPLOIT-DB",
                     url: "https://www.exploit-db.com/exploits/42945/",
                  },
                  {
                     name: "http://thekelleys.org.uk/dnsmasq/CHANGELOG",
                     refsource: "CONFIRM",
                     url: "http://thekelleys.org.uk/dnsmasq/CHANGELOG",
                  },
                  {
                     name: "openSUSE-SU-2017:2633",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html",
                  },
                  {
                     name: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html",
                     refsource: "MISC",
                     url: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html",
                  },
                  {
                     name: "[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION.",
                     refsource: "MLIST",
                     url: "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11664.html",
                  },
                  {
                     name: "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf",
                     refsource: "CONFIRM",
                     url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-14495",
      datePublished: "2017-10-02T21:00:00",
      dateReserved: "2017-09-15T00:00:00",
      dateUpdated: "2024-08-05T19:27:40.779Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

Vulnerability from csaf_suse

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature