Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2017-14492

Опубликовано: 02 окт. 2017
Источник: redhat
CVSS3: 8.8
CVSS2: 8.3

Описание

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.

A heap buffer overflow was discovered in dnsmasq in the IPv6 router advertisement (RA) handling code. An attacker on the local network segment could send crafted RAs to dnsmasq which would cause it to crash or, potentially, execute arbitrary code. This issue only affected configurations using one of these options: enable-ra, ra-only, slaac, ra-names, ra-advrouter, or ra-stateless.

Отчет

Red Hat OpenStack Platform includes the dnsmasq-utils RPM which does not contain this flaw's affected code-paths; Red Hat OpenStack Platform is therefore listed as not affected. However, because all versions of Red Hat OpenStack Platform are based on Red Hat Enterprise Linux, all Red Hat OpenStack Platform users should absolutely upgrade the dnsmasq RPM from Red Hat Enterprise Linux as a matter of urgency using standard update mechanisms (such as 'yum update' or 'openstack overcloud update').

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5dnsmasqNot affected
Red Hat Enterprise Linux 6dnsmasqNot affected
Red Hat Enterprise Linux OpenStack Platform 6 (Juno)dnsmasqNot affected
Red Hat Enterprise Linux OpenStack Platform 7 (Kilo)dnsmasqNot affected
Red Hat OpenStack Platform 10 (Newton)dnsmasqNot affected
Red Hat OpenStack Platform 11 (Ocata)dnsmasqNot affected
Red Hat OpenStack Platform 12 (Pike)dnsmasqNot affected
Red Hat OpenStack Platform 8 (Liberty)dnsmasqNot affected
Red Hat OpenStack Platform 9 (Mitaka)dnsmasqNot affected
Red Hat Enterprise Linux 7dnsmasqFixedRHSA-2017:283602.10.2017

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Critical
Дефект:
CWE-122
https://bugzilla.redhat.com/show_bug.cgi?id=1495410dnsmasq: heap overflow in the IPv6 router advertisement code

8.8 High

CVSS3

8.3 High

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2017-14492

CVSS3: 9.8
ubuntu
около 8 лет назад

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.

nvd логотип

CVE-2017-14492

CVSS3: 9.8
nvd
около 8 лет назад

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.

debian логотип

CVE-2017-14492

CVSS3: 9.8
debian
около 8 лет назад

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attack ...

github логотип

GHSA-6wc4-q6rh-cfvh

CVSS3: 9.8
github
больше 3 лет назад

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.

fstec логотип

BDU:2017-02359

CVSS3: 9.8
fstec
около 8 лет назад

Уязвимость DNS-сервера Dnsmasq, вызванная переполнением буфера в динамической памяти, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код

8.8 High

CVSS3

8.3 High

CVSS2