Candidate: CVE-2017-13704
CRD: 2017-10-02
PublicDate: 2017-10-03 01:29:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13704
 http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2017q3/011729.html
 http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=63437ffbb58837b214b4b92cb1c54bc5f3279928
Description:
 In dnsmasq before 2.78, if the DNS packet size does not match the expected
 size, the size parameter in a memset call gets a negative value. As it is
 an unsigned value, memset ends up writing up to 0xffffffff zero's
 (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.
Ubuntu-Description: 
Notes: 
 mdeslaur> regression introduced in 2.77
Bugs: 
 https://bugzilla.redhat.com/show_bug.cgi?id=1495510
Priority: high
Discovered-by: Christian Kujau, Arne Woerner, Juan Manuel Fernandez and Kevin Darbyshire-Bryant
Assigned-to: mdeslaur
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H [7.5 HIGH]

Patches_dnsmasq:
upstream_dnsmasq: needs-triage
precise/esm_dnsmasq: not-affected
trusty_dnsmasq: not-affected (2.68-1ubuntu0.1)
trusty/esm_dnsmasq: not-affected (2.68-1ubuntu0.1)
vivid/ubuntu-core_dnsmasq: DNE
xenial_dnsmasq: not-affected (2.75-1ubuntu0.16.04.2)
esm-infra/xenial_dnsmasq: not-affected (2.75-1ubuntu0.16.04.2)
zesty_dnsmasq: not-affected (2.76-5)
devel_dnsmasq: not-affected (2.78-1)