Your submission was sent successfully! Close

CVE-2021-45955

Published: 1 January 2022

** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in resize_packet (called from FuzzResizePacket and fuzz_rfc1035.c) because of the lack of a proper bounds check upon pseudo header re-insertion. NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge." However, a contributor states that a security patch (mentioned in 016162.html) is needed.

Notes

AuthorNote
mdeslaur 
vendor has disputed this CVE, marking as not-affected
Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
dnsmasq
Launchpad, Ubuntu, Debian 		bionic Not vulnerable

focal Not vulnerable

hirsute Ignored
(reached end-of-life)
impish Not vulnerable

jammy Not vulnerable

trusty Not vulnerable

upstream Needs triage

xenial Not vulnerable

References

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading