Your submission was sent successfully! Close

CVE-2021-45952

Published: 1 January 2022

** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in dhcp_reply (called from dhcp_packet and FuzzDhcp). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge."

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
dnsmasq
Launchpad, Ubuntu, Debian 		bionic Not vulnerable

focal Not vulnerable

hirsute Ignored
(reached end-of-life)
impish Not vulnerable

jammy Not vulnerable

trusty Not vulnerable

upstream Needs triage

xenial Not vulnerable

Notes

AuthorNote
mdeslaur 
vendor has disputed this CVE, marking as not-affected

References

Bugs

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading