First published: Tue Feb 22 2022(Updated: )
A flaw was found in dnsmasq. A heap use after free issue in the dhcp6 server may lead to remote denial of service via crafted packet. References: <a href="https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016272.html">https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016272.html</a>
Affected Software | Affected Version | How to fix |
---|---|---|
Dnsmasq |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
REDHAT-BUG-2057075 has been classified as a medium severity vulnerability due to its potential for causing a denial of service.
To fix REDHAT-BUG-2057075, you should update to the latest patched version of dnsmasq provided by your distribution.
The impact of REDHAT-BUG-2057075 may lead to a remote denial of service attack if exploited via crafted packets targeting the DHCPv6 server.
Yes, REDHAT-BUG-2057075 is exploitable remotely as it allows attackers to send crafted packets to the DHCPv6 server.
REDHAT-BUG-2057075 affects multiple versions of dnsmasq that include the vulnerable DHCP6 server configuration.