First published: Mon Oct 02 2017(Updated: )
In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Canonical Ubuntu Linux | =14.04 | |
Canonical Ubuntu Linux | =16.04 | |
Canonical Ubuntu Linux | =17.04 | |
Debian Debian Linux | =7.0 | |
Debian Debian Linux | =7.1 | |
Debian Debian Linux | =9.0 | |
Fedoraproject Fedora | =27 | |
Novell Leap | =42.2 | |
Novell Leap | =42.3 | |
Redhat Enterprise Linux Desktop | =7.0 | |
Redhat Enterprise Linux Server | =7.0 | |
Redhat Enterprise Linux Workstation | =7.0 | |
Thekelleys Dnsmasq | <=2.77 |
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=63437ffbb58837b214b4b92cb1c54bc5f3279928
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.