The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.
References
Configurations
History
07 Nov 2023, 02:25
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2015-05-08 14:59
Updated : 2023-12-10 11:46
NVD link : CVE-2015-3294
Mitre link : CVE-2015-3294
CVE.ORG link : CVE-2015-3294
JSON object : View
Products Affected
oracle
- solaris
thekelleys
- dnsmasq
CWE
CWE-19
Data Processing Errors