Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
First Last Prev Next    This bug is not in your last search results.
Bug 1215747 - (CVE-2015-3294) CVE-2015-3294 dnsmasq: unchecked return value of the setup_reply() function
CVE-2015-3294 dnsmasq: unchecked return value of the setup_reply() function
Status: CLOSED WONTFIX
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
medium Severity medium
: ---
: ---
Assigned To: Red Hat Product Security
impact=moderate,public=20150423,repor...
: Security
Depends On:
Blocks: 1215748
  Show dependency treegraph
 
Reported: 2015-04-27 12:16 EDT by Martin Prpič
Modified: 2016-04-26 23:36 EDT (History)
20 users (show)

See Also:
Fixed In Version: dnsmasq 2.73rc4
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-05-28 04:44:00 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Martin Prpič 2015-04-27 12:16:26 EDT 
The following flaw was found in dnsmasq:

Dnsmasq does not properly check the return value of the setup_reply() function called during a tcp connection (by the tcp_request() function). This return value is then used as a size argument in a function which writes data on the client's connection. This may lead, upon successful exploitation, to reading the heap memory of dnsmasq.

This issue is fixed in dnsmasq-2.73rc4:

http://www.thekelleys.org.uk/dnsmasq/release-candidates/

External References:

https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1502/
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.