The following flaw was found in dnsmasq: Dnsmasq does not properly check the return value of the setup_reply() function called during a tcp connection (by the tcp_request() function). This return value is then used as a size argument in a function which writes data on the client's connection. This may lead, upon successful exploitation, to reading the heap memory of dnsmasq. This issue is fixed in dnsmasq-2.73rc4: http://www.thekelleys.org.uk/dnsmasq/release-candidates/ External References: https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1502/