Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2017-13704

In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.

Published

2017-10-03T01:29:01.637

Last Modified

2025-04-20T01:37:25.860

Status

Deferred

Source

[email protected]

Severity

CVSSv3.0: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
CWE-20

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	canonical	ubuntu_linux	14.04	Yes
Operating System	canonical	ubuntu_linux	16.04	Yes
Operating System	canonical	ubuntu_linux	17.04	Yes
Operating System	debian	debian_linux	7.0	Yes
Operating System	debian	debian_linux	7.1	Yes
Operating System	debian	debian_linux	9.0	Yes
Operating System	fedoraproject	fedora	27	Yes
Operating System	novell	leap	42.2	Yes
Operating System	novell	leap	42.3	Yes
Operating System	redhat	enterprise_linux_desktop	7.0	Yes
Operating System	redhat	enterprise_linux_server	7.0	Yes
Operating System	redhat	enterprise_linux_workstation	7.0	Yes
Application	thekelleys	dnsmasq	≤ 2.77	Yes

References

http://thekelleys.org.uk/dnsmasq/CHANGELOG Release Notes, Vendor Advisory ([email protected])
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=63437ffbb58837b214b4b92cb1c54bc5f3279928 ([email protected])
http://www.securityfocus.com/bid/101085 Third Party Advisory, VDB Entry ([email protected])
http://www.securityfocus.com/bid/101977 ([email protected])
http://www.securitytracker.com/id/1039474 Third Party Advisory, VDB Entry ([email protected])
https://access.redhat.com/security/vulnerabilities/3199382 Issue Tracking, Third Party Advisory ([email protected])
https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf ([email protected])
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/ ([email protected])
https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html Third Party Advisory ([email protected])
https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html ([email protected])
https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html ([email protected])
https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq ([email protected])
http://thekelleys.org.uk/dnsmasq/CHANGELOG Release Notes, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=63437ffbb58837b214b4b92cb1c54bc5f3279928 (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/101085 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/101977 (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1039474 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/security/vulnerabilities/3199382 Issue Tracking, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf (af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/ (af854a3a-2127-422b-91ae-364da2661108)
https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html (af854a3a-2127-422b-91ae-364da2661108)
https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html (af854a3a-2127-422b-91ae-364da2661108)
https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq (af854a3a-2127-422b-91ae-364da2661108)