Lucene search

K
alpinelinuxAlpine Linux Development TeamALPINE:CVE-2021-45955
HistoryJan 01, 2022 - 12:15 a.m.

CVE-2021-45955

2022-01-0100:15:00
Alpine Linux Development Team
security.alpinelinux.org
11

0.001 Low

EPSS

Percentile

50.5%

DISPUTED Dnsmasq 2.86 has a heap-based buffer overflow in resize_packet (called from FuzzResizePacket and fuzz_rfc1035.c) because of the lack of a proper bounds check upon pseudo header re-insertion. NOTE: the vendor’s position is that CVE-2021-45951 through CVE-2021-45957 “do not represent real vulnerabilities, to the best of our knowledge.” However, a contributor states that a security patch (mentioned in 016162.html) is needed.

OSVersionArchitecturePackageVersionFilename
Alpineedge-mainnoarchdnsmasq= 2.86-r2UNKNOWN
Alpine3.15-mainnoarchdnsmasq= 2.86-r1UNKNOWN
Alpine3.16-mainnoarchdnsmasq= 2.86-r2UNKNOWN