Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2019-14513

Published: 1 August 2019

Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a different vulnerability than CVE-2017-14491.

Notes

AuthorNote
msalvatore
The vulnerability writeup states, "The git commit affected is this
one and before: 15379ea1f252d1f53c5d93ae970b22dedb233642". This
commit, therefore, may resolve the issue:
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=patch;h=d3a8b39c7df2f0debf3b5f274a1c37a9e261f94e
mdeslaur
can't reproduce on xenial, probably not a DoS issue
Priority

Low

CVSS 3 base score: 7.5

Status

Package Release Status
dnsmasq
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(2.79-1)
disco Not vulnerable

eoan Not vulnerable

focal Not vulnerable

groovy Not vulnerable

hirsute Not vulnerable

impish Not vulnerable

jammy Not vulnerable

kinetic Not vulnerable

precise Ignored
(end of ESM support, was needs-triage)
trusty Needed

upstream
Released (2.76-1)
xenial
Released (2.75-1ubuntu0.16.04.10)