Back to search
CVE-2015-3294
Published: May 8, 2015
Modified: Aug 6, 2024
PUBLISHED
Description
The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
DSA-3251
vendor-advisory
x_refsource_DEBIAN
[Dnsmasq-discuss] 20150407 dnsmsaq potential vulnerability
mailing-list
x_refsource_MLIST
openSUSE-SU-2015:0857
vendor-advisory
x_refsource_SUSE
USN-2593-1
vendor-advisory
x_refsource_UBUNTU
GLSA-201512-01
vendor-advisory
x_refsource_GENTOO
[Dnsmasq-discuss] 20150407 dnsmsaq potential vulnerability
mailing-list
x_refsource_MLIST
1032195
vdb-entry
x_refsource_SECTRACK
74452
vdb-entry
x_refsource_BID
20150423 Dnsmasq 2.72 Unchecked returned value
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now