myhack58 | Anonymous | MYHACK58:62201789548
Oct 10, 2017 - 12:00 a.m.

dnsmasq: multiple fairly high-severity vulnerabilities disclosed (vulnerability warning)

2017-10-10 00:00:00
Anonymous
www.myhack58.com

CVSS3: 7.5 High
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS2: 7.8 High
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C

EPSS: 0.934 High
Percentile: 98.9%

dnsmasq is a lightweight DNS and DHCP server. Because it is simple and easy to use, it is widely deployed in small and medium-sized enterprise environments and on cloud platforms, and components such as libvirt rely on it for support.
On October 2, 2017, multiple dnsmasq security vulnerabilities discovered by the Google security team were disclosed.
Of these, the three vulnerabilities CVE-2017-14491, CVE-2017-14492 and CVE-2017-14493 are rated critical by the relevant vendors; the remaining ones, CVE-2017-14494, CVE-2017-14495, CVE-2017-14496 and CVE-2017-13704, are rated important.
360CERT recommends that users who deploy dnsmasq widely check their systems and upgrade as soon as possible.
0x01 Impact
Scope of impact
An affected dnsmasq service can be subjected to remote arbitrary code execution attacks or remote denial-of-service attacks, resulting in the host being compromised or the service becoming unavailable; the harm is severe.
Affected versions
![](/Article/UploadPic/2017-10/2017101016116846.png?www.myhack58.com)
Some of these vulnerabilities can be exploited only in non-default environments that require specific configuration settings, as detailed below:
![](/Article/UploadPic/2017-10/2017101016116886.png?www.myhack58.com)
Fixed version
Version 2.78
0x02 Information on some of the vulnerabilities
CVE-2017-14491: critical
CVE-2017-14491 is the most serious vulnerability in this batch and affects most versions of dnsmasq. The attacker needs to control a malicious domain (e.g., evil.com) and send DNS requests to dnsmasq so that dnsmasq caches the responses for that domain. Then, through carefully constructed DNS requests and responses, dnsmasq is made to access heap memory out of bounds; this vulnerability can lead to arbitrary code execution.
Out-of-bounds memory access information:
![](/Article/UploadPic/2017-10/2017101016116856.png?www.myhack58.com)
CVE-2017-14492 and CVE-2017-14493: critical
Both vulnerabilities are in the IPv6/DHCPv6 functionality: one is a heap out-of-bounds access and the other is a stack out-of-bounds access. Both can lead to code execution; for CVE-2017-14493, the code execution risk can be mitigated by the GCC Stack Protector.
In practice, these two vulnerabilities can be triggered only when dnsmasq has DHCP enabled and is bound to an IPv6 interface. In addition, the attacker needs to be on the local network and needs root access on a host in order to construct the specific DHCPv6 or IPv6 Router Advertisement messages used in the attack.
Note that dnsmasq only began supporting DHCPv6 and IPv6 Router Advertisement in version 2.60, so earlier versions are not affected.
CVE-2017-14494: important
This vulnerability is in the DHCPv6 functionality. It can cause an out-of-bounds memory read in dnsmasq, with the data leaked to the attacker through DHCPv6 packets.
As noted for the vulnerabilities above, it affects versions 2.60 to 2.77 and is fixed in version 2.78.
0x03 Security recommendations

  1. The relevant Linux distributions have already released security updates; install them with yum or apt-get.
  2. Download the latest version from the official website, then build and install it.
    Link: http://www.thekelleys.org.uk/dnsmasq/doc.html
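
Added example (not part of the original advisory or of dnsmasq): a shell triage that maps a dnsmasq version and config file to the ranges given above, with the DHCPv6/RA issues in 2.60 to 2.77 and the fix in 2.78. The function names, output tokens, sample config, and the `enable-ra` / IPv6 `dhcp-range` heuristic for "DHCP bound to an IPv6 interface" are assumptions of this example.

```shell
#!/bin/sh
# Added example: triage dnsmasq against this advisory's version ranges.

# classify_version VERSION -> fixed | dhcpv6-era | pre-dhcpv6 | unknown
classify_version() {
    case "$1" in *.*) ;; *) echo unknown; return ;; esac
    major=${1%%.*}
    minor=$(printf '%s' "${1#*.}" | sed 's/[^0-9].*//')
    case "$major.$minor" in *[!0-9.]*|.*|*.) echo unknown; return ;; esac
    if [ "$major" -gt 2 ] || { [ "$major" -eq 2 ] && [ "$minor" -ge 78 ]; }; then
        echo fixed            # 2.78 is the fixed release
    elif [ "$major" -eq 2 ] && [ "$minor" -ge 60 ]; then
        echo dhcpv6-era       # 2.60 to 2.77: DHCPv6/RA code is present
    else
        echo pre-dhcpv6       # before 2.60: no DHCPv6/RA support
    fi
}

# dhcpv6_exposed CONF -> exit 0 if an uncommented line enables RA or an IPv6
# dhcp-range (heuristic: an address with two colons around hex digits).
dhcpv6_exposed() {
    grep -Eq '^[[:space:]]*(enable-ra|dhcp-range=.*:[0-9A-Fa-f]*:)' "$1" 2>/dev/null
}

# triage VERSION CONF -> fixed | unknown | upgrade-dns | upgrade-dns-and-dhcpv6
# Assumption: any release before 2.78 is treated as exposed on the DNS path.
triage() {
    era=$(classify_version "$1")
    case "$era" in
        fixed|unknown) echo "$era" ;;
        dhcpv6-era)
            if dhcpv6_exposed "$2"; then echo upgrade-dns-and-dhcpv6
            else echo upgrade-dns; fi ;;
        *) echo upgrade-dns ;;
    esac
}

# Constructed sample config (not taken from the advisory).
sample=$(mktemp)
printf '%s\n' 'interface=eth0' '#enable-ra' \
    'dhcp-range=fd00::10,fd00::ff,64,12h' > "$sample"
echo "sample config, version 2.76: $(triage 2.76 "$sample")"
rm -f "$sample"

# Local install, if any: first line reads "Dnsmasq version X.Y ...".
installed=$(dnsmasq --version 2>/dev/null | sed -n '1s/^Dnsmasq version \([^ ]*\).*/\1/p')
if [ -n "$installed" ]; then
    echo "installed $installed: $(triage "$installed" /etc/dnsmasq.conf)"
fi
```

Distribution packages often backport fixes without changing the upstream version string, so confirm any result other than `fixed` against the package changelog before treating a host as unpatched.
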
0x04 Timeline
2017-10-02 Vulnerabilities disclosed
2017-10-09 360CERT issued the warning notice
