Back to search
CVE-2017-14495
Published: Oct 2, 2017
Modified: Aug 5, 2024
PUBLISHED
Description
Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
1039474
vdb-entry
x_refsource_SECTRACK
https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq
x_refsource_CONFIRM
DSA-3989
vendor-advisory
x_refsource_DEBIAN
https://access.redhat.com/security/vulnerabilities/3199382
x_refsource_CONFIRM
101085
vdb-entry
x_refsource_BID
USN-3430-1
vendor-advisory
x_refsource_UBUNTU
101977
vdb-entry
x_refsource_BID
VU#973527
third-party-advisory
x_refsource_CERT-VN
GLSA-201710-27
vendor-advisory
x_refsource_GENTOO
USN-3430-2
vendor-advisory
x_refsource_UBUNTU
[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78.
mailing-list
x_refsource_MLIST
RHSA-2017:2836
vendor-advisory
x_refsource_REDHAT
http://nvidia.custhelp.com/app/answers/detail/a_id/4561
x_refsource_CONFIRM
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt
x_refsource_CONFIRM
42945
exploit
x_refsource_EXPLOIT-DB
http://thekelleys.org.uk/dnsmasq/CHANGELOG
x_refsource_CONFIRM
openSUSE-SU-2017:2633
vendor-advisory
x_refsource_SUSE
[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION.
mailing-list
x_refsource_MLIST
https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now