Bird_banner_small4
DNSmasq answer_auth and answer_request Integer Underflow
TSL ID TSL20171002-05
CVE ID(s) CVE-2017-13704
Severity High
Description

An integer underflow vulnerability has been reported in dnsmasq. The vulnerability is due to improper handling of larger than expected UDP packets when performing a calculation used for a subsequent memset.

A remote, unauthenticated attacker can exploit this vulnerability by sending a large UDP packet to the target system. Successful exploitation results in termination of the dnsmasq process.

The vendor, Dnsmasq, has released a CHANGELOG containing an advisory regarding this vulnerability:

http://www.thekelleys.org.uk/dnsmasq/CHANGELOG

Affected Products
  • DNSmasq/Mikrotik DNSmasq 2.77
CVSS Score Base 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C):
  • Access vector is NETWORK
  • Access complexity is LOW
  • Level of authentication required is NONE
  • Impact of this vulnerability on data confidentiality is NONE
  • Impact of this vulnerability on data integrity is NONE
  • Impact of this vulnerability on data availability is COMPLETE
Temporal 5.8 (E:U/RL:OF/RC:C):
  • The exploitability level of this vulnerability is UNPROVEN
  • The remediation level of this vulnerability is OFFICIAL FIX
  • The report confidence level of this vulnerability is CONFIRMED
References https://access.redhat.com/security/vulnerabilities/3199382
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=63437ffbb58837b214b4b92cb1c54bc5f3279928
http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
Related Threats