An integer underflow flaw leading to a buffer over-read was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash. This issue only affected configurations using one of the options: add-mac, add-cpe-id, or add-subnet.

References

bugzilla.redhat.com/show_bug.cgi?id=1495416

security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html https://access.redhat.com/security/vulnerabilities/3199382

osv 1

ubuntucve 1

packetstorm 1

debiancve 1

prion 1

checkpoint_advisories 1

alpinelinux 1

cve 1

seebug 1

exploitpack 1

veracode 1

zdt 1

exploitdb 1

nessus 26

ics 1

arista 1

openvas 18

cert 1

debian 2

ubuntu 3

fedora 3

amazon 2

archlinux 1

redhat 1

gentoo 1

suse 4

centos 1

oraclelinux 1

threatpost 1

photon 1

thn 1

freebsd 1

mageia 2

myhack58 1

ibm 2

f5 1

slackware 1

huawei 1

altlinux 1

redhatcve 1

nvidia 1

osv

CVE-2017-14496

2017-10-03 01:29:02

ubuntucve

CVE-2017-14496

2017-10-02 00:00:00

packetstorm

Dnsmasq Integer Underflow

2017-10-02 00:00:00

debiancve

CVE-2017-14496

2017-10-03 01:29:00

prion

Integer overflow

2017-10-03 01:29:00

checkpoint_advisories

Dnsmasq Integer Underflow Denial Of Service (CVE-2017-14496)

2017-10-03 00:00:00

alpinelinux

CVE-2017-14496

2017-10-03 01:29:00

cve

CVE-2017-14496

2017-10-03 01:29:00

seebug

Dnsmasq DoS Vulnerability(CVE-2017-14496)

2017-10-09 00:00:00

exploitpack

Dnsmasq 2.78 - Integer Underflow

2017-10-02 00:00:00

veracode

Denial Of Service (DoS)

2019-05-16 01:47:46

zdt

Dnsmasq < 2.78 - Integer Underflow Exploit

2017-10-02 00:00:00

exploitdb

Dnsmasq < 2.78 - Integer Underflow

2017-10-02 00:00:00

nessus

EulerOS 2.0 SP2 : dnsmasq (EulerOS-SA-2018-1285)

2018-09-27 00:00:00

Photon OS 1.0: Dnsmasq PHSA-2017-0035

2019-02-07 00:00:00

Ubuntu 14.04 LTS / 16.04 LTS : Dnsmasq vulnerabilities (USN-3430-1)

2017-10-03 00:00:00

ics

Siemens SCALANCE W1750D, M800, S615, and RUGGEDCOM RM1224 (Update C)

2020-10-13 12:00:00

arista

Security Advisory 0030

2017-10-02 00:00:00

openvas

openSUSE: Security Advisory for dnsmasq (openSUSE-SU-2017:2633-1)

2017-10-05 00:00:00

RedHat Update for dnsmasq RHSA-2017:2836-01

2017-10-05 00:00:00

Ubuntu: Security Advisory (USN-3430-2)

2022-08-26 00:00:00

cert

Dnsmasq contains multiple vulnerabilities

2017-10-02 00:00:00

debian

[SECURITY] [DSA 3989-1] dnsmasq security update

2017-10-02 18:30:02

[SECURITY] [DSA 3989-1] dnsmasq security update

2017-10-02 18:30:02

ubuntu

Dnsmasq vulnerabilities

2017-10-03 00:00:00

Dnsmasq regression

2018-01-04 00:00:00

Dnsmasq vulnerabilities

2017-10-02 00:00:00

fedora

[SECURITY] Fedora 26 Update: dnsmasq-2.76-5.fc26

2017-10-06 15:22:33

[SECURITY] Fedora 25 Update: dnsmasq-2.76-4.fc25

2017-10-23 22:52:39

[SECURITY] Fedora 27 Update: dnsmasq-2.77-9.fc27

2017-10-24 05:30:01

amazon

Critical: dnsmasq

2019-07-18 18:22:00

Critical: dnsmasq

2017-10-02 17:05:00

archlinux

[ASA-201710-1] dnsmasq: multiple issues

2017-10-02 00:00:00

redhat

(RHSA-2017:2836) Critical: dnsmasq security update

2017-10-02 13:34:30

gentoo

Dnsmasq: Multiple vulnerabilities

2017-10-23 00:00:00

suse

Security update for dnsmasq (important)

2017-10-03 03:07:14

Security update for dnsmasq (important)

2017-10-02 21:11:28

Security update for dnsmasq (important)

2017-10-02 21:07:18

centos

dnsmasq security update

2017-10-03 00:04:45

oraclelinux

dnsmasq security update

2017-10-02 00:00:00

threatpost

Google Warns of DoS and RCE Bugs in Dnsmasq

2017-10-03 13:16:06

photon

Critical Photon OS Security Update - PHSA-2017-0074

2017-10-04 00:00:00

thn

Google Finds 7 Security Flaws in Widely Used Dnsmasq Network Software

2017-10-02 23:44:00

freebsd

dnsmasq -- multiple vulnerabilities

2017-10-02 00:00:00

mageia

Updated dnsmasq packages fix security vulnerabilities

2017-10-09 12:51:10

Updated dnsmasq packages fix security vulnerabilities

2017-10-09 12:51:10

myhack58

dnsmasq:exposure out of the plurality of levels is quite high vulnerability-vulnerability warning-the black bar safety net

2017-10-10 00:00:00

ibm

Security Bulletin: Multiple security vulnerabilities in dnsmasq affect IBM Cloud Manager with OpenStack

2018-08-08 04:13:55

Security Bulletin: Multiple security vulnerabilities in IBM Cloud Manager with OpenStack affect IBM Cloud Orchestrator and Cloud Orchestrator Enterprise

2018-06-17 22:33:37

K32582354 : Multiple dnsmasq vulnerabilities

2017-10-05 00:00:00

slackware

[slackware-security] dnsmasq

2017-10-02 18:43:20

huawei

Security Advisory - Seven vulnerabilities in Google Dnsmasq

2017-11-03 00:00:00

altlinux

Security fix for the ALT Linux 10 package dnsmasq version 2.78-alt1

2017-10-06 00:00:00

redhatcve

CVE-2017-14491

2020-04-09 10:43:20

nvidia

Security Bulletin: NVIDIA Tegra Jetson L4T contains multiple vulnerabilities; updates for “BlueBorne” and “Dnsmasq”.

2017-10-16 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
OpenSource

@2024 Vulners Inc

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

JSON

Related for RH:CVE-2017-14496