dnsmasq

rpms

dnsmasq

Fork 0

Commit Graph

Author	SHA1	Message	Date
Petr Menšík	d75aef2c01	Security fix, CVE-2017-14496, Integer underflow in DNS response creation. Fix DoS in DNS. Invalid boundary checks in the add_pseudoheader function allows a memcpy call with negative size An attacker which can send malicious DNS queries to dnsmasq can trigger a DoS remotely. dnsmasq is vulnerable only if one of the following option is specified: --add-mac, --add-cpe-id or --add-subnet. Signed-off-by: Petr Menšík <pemensik@redhat.com>	2017-10-02 17:08:22 +02:00

Author

SHA1

Message

Date

Petr Menšík

d75aef2c01

Security fix, CVE-2017-14496, Integer underflow in DNS response creation.

Fix DoS in DNS. Invalid boundary checks in the
    add_pseudoheader function allows a memcpy call with negative
    size An attacker which can send malicious DNS queries
    to dnsmasq can trigger a DoS remotely.
    dnsmasq is vulnerable only if one of the following option is
    specified: --add-mac, --add-cpe-id or --add-subnet.

Signed-off-by: Petr Menšík <pemensik@redhat.com>

2017-10-02 17:08:22 +02:00

1 Commits