exploitDog

CVE-2017-14491

Published: 02 Oct 2017
Source: redhat
CVSS3: 9.8
CVSS2: 10
EPSS: Medium

Description

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.

A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash or, potentially, execute arbitrary code.

Report

Red Hat OpenStack Platform includes the dnsmasq-utils RPM which does not contain this flaw's affected code-paths; Red Hat OpenStack Platform is therefore listed as not affected. However, because all versions of Red Hat OpenStack Platform are based on Red Hat Enterprise Linux, all Red Hat OpenStack Platform users should absolutely upgrade the dnsmasq RPM from Red Hat Enterprise Linux as a matter of urgency using standard update mechanisms (such as 'yum update' or 'openstack overcloud update').

Affected packages

| Platform | Package | State | Advisory | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux OpenStack Platform 6 (Juno) | dnsmasq | Not affected | | |
| Red Hat Enterprise Linux OpenStack Platform 7 (Kilo) | dnsmasq | Not affected | | |
| Red Hat OpenStack Platform 10 (Newton) | dnsmasq | Not affected | | |
| Red Hat OpenStack Platform 11 (Ocata) | dnsmasq | Not affected | | |
| Red Hat OpenStack Platform 12 (Pike) | dnsmasq | Not affected | | |
| Red Hat OpenStack Platform 8 (Liberty) | dnsmasq | Not affected | | |
| Red Hat OpenStack Platform 9 (Mitaka) | dnsmasq | Not affected | | |
| Red Hat Enterprise Linux 5.9 Long Life | dnsmasq | Fixed | RHSA-2017:2841 | 02.10.2017 |
| Red Hat Enterprise Linux 5 Extended Lifecycle Support | dnsmasq | Fixed | RHSA-2017:2840 | 02.10.2017 |
| Red Hat Enterprise Linux 6 | dnsmasq | Fixed | RHSA-2017:2838 | 02.10.2017 |

Additional information

Status: Critical
Defect: CWE-122
https://bugzilla.redhat.com/show_bug.cgi?id=1495409 dnsmasq: heap overflow in the code responsible for building DNS replies

EPSS

Percentile: 98%
0.60192
Medium

CVSS3: 9.8 Critical

CVSS2: 10 Critical

Related vulnerabilities

CVSS3: 9.8
ubuntu
about 8 years ago

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.

CVSS3: 9.8
nvd
about 8 years ago

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.

CVSS3: 9.8
debian
about 8 years ago

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attack ...

CVSS3: 9.8
github
more than 3 years ago

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.

oracle-oval
about 8 years ago

ELSA-2017-2840: dnsmasq security update (CRITICAL)
