Your submission was sent successfully! Close

CVE-2015-3294

Published: 27 April 2015

The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.

Priority

Medium

Status

Package Release Status
dnsmasq
Launchpad, Ubuntu, Debian
lucid Ignored
(reached end-of-life)
precise
Released (2.59-4ubuntu0.2)
trusty
Released (2.68-1ubuntu0.1)
upstream Needed

utopic
Released (2.71-1ubuntu0.1)
vivid
Released (2.72-3ubuntu0.1)