7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.303 Low
EPSS
Percentile
97.0%
Improper bounds checking in Dnsmasq before 2.76 allows an attacker
controlled DNS server to send large DNS packets that result in a read
operation beyond the buffer allocated for the packet, a different
vulnerability than CVE-2017-14491.
Author | Note |
---|---|
msalvatore | The vulnerability writeup states, βThe git commit affected is this one and before: 15379ea1f252d1f53c5d93ae970b22dedb233642β. This commit, therefore, may resolve the issue: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=patch;h=d3a8b39c7df2f0debf3b5f274a1c37a9e261f94e |
mdeslaur | canβt reproduce on xenial, probably not a DoS issue |
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.303 Low
EPSS
Percentile
97.0%