CVE-2017-13704
Published: 2 October 2017
In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.
Notes
Author | Note |
---|---|
mdeslaur | regression introduced in 2.77 |
Priority
CVSS 3 base score: 7.5