CVE-2021-45952: Buffer Overflow
First published: Fri Dec 31 2021(Updated: )
** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in dhcp_reply (called from dhcp_packet and FuzzDhcp). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge."
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Thekelleys Dnsmasq | =2.86 | |
| =2.86 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this Dnsmasq vulnerability?
The vulnerability ID for this Dnsmasq vulnerability is CVE-2021-45952.
What is the severity of CVE-2021-45952?
The severity of CVE-2021-45952 is critical with a CVSS score of 9.8.
What is the affected software of CVE-2021-45952?
The affected software of CVE-2021-45952 is Dnsmasq version 2.86.
What is the description of CVE-2021-45952?
CVE-2021-45952 is a heap-based buffer overflow vulnerability in Dnsmasq version 2.86.
Are there any known fixes or patches for CVE-2021-45952?
At this time, there are no known fixes or patches for CVE-2021-45952. It is recommended to follow the vendor's updates for any new information or patches.
- collector/nvd-index
- agent/references
- agent/type
- agent/author
- agent/severity
- agent/weakness
- agent/status
- agent/softwarecombine
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/tags
- agent/event
- agent/first-publish-date
- collector/nvd-api
- source/NVD
- status/disputed
- vendor/thekelleys
- canonical/thekelleys dnsmasq
- version/thekelleys dnsmasq/2.86