Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2015-3294 (GCVE-0-2015-3294)
Vulnerability from cvelistv5
Published
2015-05-08 14:00
Modified
2024-08-06 05:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:39:32.054Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-3251",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3251"
},
{
"name": "[Dnsmasq-discuss] 20150407 dnsmsaq potential vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009382.html"
},
{
"name": "openSUSE-SU-2015:0857",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00013.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=ad4a8ff7d9097008d7623df8543df435bfddeac8"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"name": "USN-2593-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2593-1"
},
{
"name": "GLSA-201512-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201512-01"
},
{
"name": "[Dnsmasq-discuss] 20150407 dnsmsaq potential vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009387.html"
},
{
"name": "1032195",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032195"
},
{
"name": "74452",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74452"
},
{
"name": "20150423 Dnsmasq 2.72 Unchecked returned value",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/535354/100/1100/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-3251",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3251"
},
{
"name": "[Dnsmasq-discuss] 20150407 dnsmsaq potential vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009382.html"
},
{
"name": "openSUSE-SU-2015:0857",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00013.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=ad4a8ff7d9097008d7623df8543df435bfddeac8"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"name": "USN-2593-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2593-1"
},
{
"name": "GLSA-201512-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201512-01"
},
{
"name": "[Dnsmasq-discuss] 20150407 dnsmsaq potential vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009387.html"
},
{
"name": "1032195",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032195"
},
{
"name": "74452",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74452"
},
{
"name": "20150423 Dnsmasq 2.72 Unchecked returned value",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/535354/100/1100/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3294",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-3251",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3251"
},
{
"name": "[Dnsmasq-discuss] 20150407 dnsmsaq potential vulnerability",
"refsource": "MLIST",
"url": "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009382.html"
},
{
"name": "openSUSE-SU-2015:0857",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00013.html"
},
{
"name": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=ad4a8ff7d9097008d7623df8543df435bfddeac8",
"refsource": "CONFIRM",
"url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=ad4a8ff7d9097008d7623df8543df435bfddeac8"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"name": "USN-2593-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2593-1"
},
{
"name": "GLSA-201512-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201512-01"
},
{
"name": "[Dnsmasq-discuss] 20150407 dnsmsaq potential vulnerability",
"refsource": "MLIST",
"url": "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009387.html"
},
{
"name": "1032195",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032195"
},
{
"name": "74452",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74452"
},
{
"name": "20150423 Dnsmasq 2.72 Unchecked returned value",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/535354/100/1100/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-3294",
"datePublished": "2015-05-08T14:00:00",
"dateReserved": "2015-04-10T00:00:00",
"dateUpdated": "2024-08-06T05:39:32.054Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2015-3294\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2015-05-08T14:59:05.527\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n tcp_request en Dnsmasq anterior a 2.73rc4 no maneja correctamente el valor de retorno de la funci\u00f3n setup_reply, lo que permite a atacantes remotos leer la memoria de procesos y causar una denegaci\u00f3n de servicio (lectura fuera de rango y ca\u00edda) a trav\u00e9s de una solicitud DNS malformada.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:P\",\"baseScore\":6.4,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-19\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:thekelleys:dnsmasq:*:rc3:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.73\",\"matchCriteriaId\":\"D4E32044-8F2B-48B6-8D85-46B7D62C3A87\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B1C288F-326B-497B-B26C-D26E01262DDB\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-updates/2015-05/msg00013.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009382.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009387.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=ad4a8ff7d9097008d7623df8543df435bfddeac8\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2015/dsa-3251\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/535354/100/1100/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/74452\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id/1032195\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2593-1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201512-01\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2015-05/msg00013.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009382.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009387.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=ad4a8ff7d9097008d7623df8543df435bfddeac8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2015/dsa-3251\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/535354/100/1100/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/74452\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1032195\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2593-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201512-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
suse-su-2017:2617-1
Vulnerability from csaf_suse
Published
2017-10-02 13:53
Modified
2017-10-02 13:53
Summary
Security update for dnsmasq
Notes
Title of the patch
Security update for dnsmasq
Description of the patch
This update for dnsmasq fixes the following security issues:
- CVE-2017-14491: 2 byte heap based overflow. [bsc#1060354]
- CVE-2017-14492: heap based overflow. [bsc#1060355]
- CVE-2017-14493: stack based overflow. [bsc#1060360]
- CVE-2017-14494: DHCP - info leak. [bsc#1060361]
- CVE-2017-14495: DNS - OOM DoS. [bsc#1060362]
- CVE-2017-14496: DNS - DoS Integer underflow. [bsc#1060364]
This update brings a (small) potential incompatibility in the handling of
'basename' in --pxe-service. Please read the CHANGELOG and the documentation if
you are using this option.
Patchnames
sleposp3-dnsmasq-13296,slessp3-dnsmasq-13296
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for dnsmasq",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for dnsmasq fixes the following security issues:\n\n- CVE-2017-14491: 2 byte heap based overflow. [bsc#1060354]\n- CVE-2017-14492: heap based overflow. [bsc#1060355]\n- CVE-2017-14493: stack based overflow. [bsc#1060360]\n- CVE-2017-14494: DHCP - info leak. [bsc#1060361]\n- CVE-2017-14495: DNS - OOM DoS. [bsc#1060362]\n- CVE-2017-14496: DNS - DoS Integer underflow. [bsc#1060364]\n\nThis update brings a (small) potential incompatibility in the handling of\n\u0027basename\u0027 in --pxe-service. Please read the CHANGELOG and the documentation if\nyou are using this option.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sleposp3-dnsmasq-13296,slessp3-dnsmasq-13296",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_2617-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:2617-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172617-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:2617-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-October/003269.html"
},
{
"category": "self",
"summary": "SUSE Bug 1060354",
"url": "https://bugzilla.suse.com/1060354"
},
{
"category": "self",
"summary": "SUSE Bug 1060355",
"url": "https://bugzilla.suse.com/1060355"
},
{
"category": "self",
"summary": "SUSE Bug 1060360",
"url": "https://bugzilla.suse.com/1060360"
},
{
"category": "self",
"summary": "SUSE Bug 1060361",
"url": "https://bugzilla.suse.com/1060361"
},
{
"category": "self",
"summary": "SUSE Bug 1060362",
"url": "https://bugzilla.suse.com/1060362"
},
{
"category": "self",
"summary": "SUSE Bug 1060364",
"url": "https://bugzilla.suse.com/1060364"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-3294 page",
"url": "https://www.suse.com/security/cve/CVE-2015-3294/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8899 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8899/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-14491 page",
"url": "https://www.suse.com/security/cve/CVE-2017-14491/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-14492 page",
"url": "https://www.suse.com/security/cve/CVE-2017-14492/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-14493 page",
"url": "https://www.suse.com/security/cve/CVE-2017-14493/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-14494 page",
"url": "https://www.suse.com/security/cve/CVE-2017-14494/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-14495 page",
"url": "https://www.suse.com/security/cve/CVE-2017-14495/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-14496 page",
"url": "https://www.suse.com/security/cve/CVE-2017-14496/"
}
],
"title": "Security update for dnsmasq",
"tracking": {
"current_release_date": "2017-10-02T13:53:56Z",
"generator": {
"date": "2017-10-02T13:53:56Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:2617-1",
"initial_release_date": "2017-10-02T13:53:56Z",
"revision_history": [
{
"date": "2017-10-02T13:53:56Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "dnsmasq-2.78-0.16.5.1.i586",
"product": {
"name": "dnsmasq-2.78-0.16.5.1.i586",
"product_id": "dnsmasq-2.78-0.16.5.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "dnsmasq-2.78-0.16.5.1.s390x",
"product": {
"name": "dnsmasq-2.78-0.16.5.1.s390x",
"product_id": "dnsmasq-2.78-0.16.5.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "dnsmasq-2.78-0.16.5.1.x86_64",
"product": {
"name": "dnsmasq-2.78-0.16.5.1.x86_64",
"product_id": "dnsmasq-2.78-0.16.5.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product": {
"name": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-pos:11:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles_ltss:11:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:11:sp3:teradata"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.78-0.16.5.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.5.1.i586"
},
"product_reference": "dnsmasq-2.78-0.16.5.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.78-0.16.5.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.i586"
},
"product_reference": "dnsmasq-2.78-0.16.5.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.78-0.16.5.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.s390x"
},
"product_reference": "dnsmasq-2.78-0.16.5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.78-0.16.5.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.x86_64"
},
"product_reference": "dnsmasq-2.78-0.16.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.78-0.16.5.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.i586"
},
"product_reference": "dnsmasq-2.78-0.16.5.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.78-0.16.5.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.s390x"
},
"product_reference": "dnsmasq-2.78-0.16.5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.78-0.16.5.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.x86_64"
},
"product_reference": "dnsmasq-2.78-0.16.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-3294",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-3294"
}
],
"notes": [
{
"category": "general",
"text": "The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-3294",
"url": "https://www.suse.com/security/cve/CVE-2015-3294"
},
{
"category": "external",
"summary": "SUSE Bug 923144 for CVE-2015-3294",
"url": "https://bugzilla.suse.com/923144"
},
{
"category": "external",
"summary": "SUSE Bug 928867 for CVE-2015-3294",
"url": "https://bugzilla.suse.com/928867"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-02T13:53:56Z",
"details": "moderate"
}
],
"title": "CVE-2015-3294"
},
{
"cve": "CVE-2015-8899",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8899"
}
],
"notes": [
{
"category": "general",
"text": "Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8899",
"url": "https://www.suse.com/security/cve/CVE-2015-8899"
},
{
"category": "external",
"summary": "SUSE Bug 983273 for CVE-2015-8899",
"url": "https://bugzilla.suse.com/983273"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-02T13:53:56Z",
"details": "moderate"
}
],
"title": "CVE-2015-8899"
},
{
"cve": "CVE-2017-14491",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-14491"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-14491",
"url": "https://www.suse.com/security/cve/CVE-2017-14491"
},
{
"category": "external",
"summary": "SUSE Bug 1060354 for CVE-2017-14491",
"url": "https://bugzilla.suse.com/1060354"
},
{
"category": "external",
"summary": "SUSE Bug 1060360 for CVE-2017-14491",
"url": "https://bugzilla.suse.com/1060360"
},
{
"category": "external",
"summary": "SUSE Bug 1060361 for CVE-2017-14491",
"url": "https://bugzilla.suse.com/1060361"
},
{
"category": "external",
"summary": "SUSE Bug 1060362 for CVE-2017-14491",
"url": "https://bugzilla.suse.com/1060362"
},
{
"category": "external",
"summary": "SUSE Bug 1060364 for CVE-2017-14491",
"url": "https://bugzilla.suse.com/1060364"
},
{
"category": "external",
"summary": "SUSE Bug 1063832 for CVE-2017-14491",
"url": "https://bugzilla.suse.com/1063832"
},
{
"category": "external",
"summary": "SUSE Bug 1143944 for CVE-2017-14491",
"url": "https://bugzilla.suse.com/1143944"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-02T13:53:56Z",
"details": "moderate"
}
],
"title": "CVE-2017-14491"
},
{
"cve": "CVE-2017-14492",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-14492"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-14492",
"url": "https://www.suse.com/security/cve/CVE-2017-14492"
},
{
"category": "external",
"summary": "SUSE Bug 1060355 for CVE-2017-14492",
"url": "https://bugzilla.suse.com/1060355"
},
{
"category": "external",
"summary": "SUSE Bug 1060360 for CVE-2017-14492",
"url": "https://bugzilla.suse.com/1060360"
},
{
"category": "external",
"summary": "SUSE Bug 1060361 for CVE-2017-14492",
"url": "https://bugzilla.suse.com/1060361"
},
{
"category": "external",
"summary": "SUSE Bug 1060362 for CVE-2017-14492",
"url": "https://bugzilla.suse.com/1060362"
},
{
"category": "external",
"summary": "SUSE Bug 1060364 for CVE-2017-14492",
"url": "https://bugzilla.suse.com/1060364"
},
{
"category": "external",
"summary": "SUSE Bug 1063832 for CVE-2017-14492",
"url": "https://bugzilla.suse.com/1063832"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-02T13:53:56Z",
"details": "moderate"
}
],
"title": "CVE-2017-14492"
},
{
"cve": "CVE-2017-14493",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-14493"
}
],
"notes": [
{
"category": "general",
"text": "Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-14493",
"url": "https://www.suse.com/security/cve/CVE-2017-14493"
},
{
"category": "external",
"summary": "SUSE Bug 1060360 for CVE-2017-14493",
"url": "https://bugzilla.suse.com/1060360"
},
{
"category": "external",
"summary": "SUSE Bug 1060361 for CVE-2017-14493",
"url": "https://bugzilla.suse.com/1060361"
},
{
"category": "external",
"summary": "SUSE Bug 1060362 for CVE-2017-14493",
"url": "https://bugzilla.suse.com/1060362"
},
{
"category": "external",
"summary": "SUSE Bug 1060364 for CVE-2017-14493",
"url": "https://bugzilla.suse.com/1060364"
},
{
"category": "external",
"summary": "SUSE Bug 1063832 for CVE-2017-14493",
"url": "https://bugzilla.suse.com/1063832"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-02T13:53:56Z",
"details": "moderate"
}
],
"title": "CVE-2017-14493"
},
{
"cve": "CVE-2017-14494",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-14494"
}
],
"notes": [
{
"category": "general",
"text": "dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-14494",
"url": "https://www.suse.com/security/cve/CVE-2017-14494"
},
{
"category": "external",
"summary": "SUSE Bug 1060360 for CVE-2017-14494",
"url": "https://bugzilla.suse.com/1060360"
},
{
"category": "external",
"summary": "SUSE Bug 1060361 for CVE-2017-14494",
"url": "https://bugzilla.suse.com/1060361"
},
{
"category": "external",
"summary": "SUSE Bug 1060362 for CVE-2017-14494",
"url": "https://bugzilla.suse.com/1060362"
},
{
"category": "external",
"summary": "SUSE Bug 1060364 for CVE-2017-14494",
"url": "https://bugzilla.suse.com/1060364"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-02T13:53:56Z",
"details": "moderate"
}
],
"title": "CVE-2017-14494"
},
{
"cve": "CVE-2017-14495",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-14495"
}
],
"notes": [
{
"category": "general",
"text": "Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-14495",
"url": "https://www.suse.com/security/cve/CVE-2017-14495"
},
{
"category": "external",
"summary": "SUSE Bug 1060360 for CVE-2017-14495",
"url": "https://bugzilla.suse.com/1060360"
},
{
"category": "external",
"summary": "SUSE Bug 1060361 for CVE-2017-14495",
"url": "https://bugzilla.suse.com/1060361"
},
{
"category": "external",
"summary": "SUSE Bug 1060362 for CVE-2017-14495",
"url": "https://bugzilla.suse.com/1060362"
},
{
"category": "external",
"summary": "SUSE Bug 1060364 for CVE-2017-14495",
"url": "https://bugzilla.suse.com/1060364"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-02T13:53:56Z",
"details": "important"
}
],
"title": "CVE-2017-14495"
},
{
"cve": "CVE-2017-14496",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-14496"
}
],
"notes": [
{
"category": "general",
"text": "Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-14496",
"url": "https://www.suse.com/security/cve/CVE-2017-14496"
},
{
"category": "external",
"summary": "SUSE Bug 1060360 for CVE-2017-14496",
"url": "https://bugzilla.suse.com/1060360"
},
{
"category": "external",
"summary": "SUSE Bug 1060361 for CVE-2017-14496",
"url": "https://bugzilla.suse.com/1060361"
},
{
"category": "external",
"summary": "SUSE Bug 1060362 for CVE-2017-14496",
"url": "https://bugzilla.suse.com/1060362"
},
{
"category": "external",
"summary": "SUSE Bug 1060364 for CVE-2017-14496",
"url": "https://bugzilla.suse.com/1060364"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:dnsmasq-2.78-0.16.5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.78-0.16.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-02T13:53:56Z",
"details": "important"
}
],
"title": "CVE-2017-14496"
}
]
}
suse-su-2015:0979-2
Vulnerability from csaf_suse
Published
2015-04-28 16:45
Modified
2015-04-28 16:45
Summary
Security update for dnsmasq
Notes
Title of the patch
Security update for dnsmasq
Description of the patch
The DNS server dnsmasq was updated to fix one security issue and one non-security bug.
The following vulnerability was fixed:
* CVE-2015-3294: A remote unauthenticated attacker could have caused a denial of service (DoS) or read heap memory, potentially disclosing information such as performed DNS queries or encryption keys. (bsc#928867)
The following bug was fixed:
* bsc#923144: When answer to an upstream query is a CNAME pointing to an A/AAAA record which is present locally (/etc/hosts), allow caching when the upstream and local A/AAAA records have the same value.
Patchnames
SUSE-SLE12-CLOUD-5-2015-229
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for dnsmasq",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The DNS server dnsmasq was updated to fix one security issue and one non-security bug.\n\nThe following vulnerability was fixed:\n\n* CVE-2015-3294: A remote unauthenticated attacker could have caused a denial of service (DoS) or read heap memory, potentially disclosing information such as performed DNS queries or encryption keys. (bsc#928867)\n\nThe following bug was fixed:\n\n* bsc#923144: When answer to an upstream query is a CNAME pointing to an A/AAAA record which is present locally (/etc/hosts), allow caching when the upstream and local A/AAAA records have the same value.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE12-CLOUD-5-2015-229",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2015_0979-2.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2015:0979-2",
"url": "https://www.suse.com/support/update/announcement/2015/suse-su-20150979-2/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2015:0979-2",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2015-June/001455.html"
},
{
"category": "self",
"summary": "SUSE Bug 923144",
"url": "https://bugzilla.suse.com/923144"
},
{
"category": "self",
"summary": "SUSE Bug 928867",
"url": "https://bugzilla.suse.com/928867"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-3294 page",
"url": "https://www.suse.com/security/cve/CVE-2015-3294/"
}
],
"title": "Security update for dnsmasq",
"tracking": {
"current_release_date": "2015-04-28T16:45:15Z",
"generator": {
"date": "2015-04-28T16:45:15Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2015:0979-2",
"initial_release_date": "2015-04-28T16:45:15Z",
"revision_history": [
{
"date": "2015-04-28T16:45:15Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "dnsmasq-utils-2.71-4.1.x86_64",
"product": {
"name": "dnsmasq-utils-2.71-4.1.x86_64",
"product_id": "dnsmasq-utils-2.71-4.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
"product": {
"name": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
"product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-sle12-cloud-compute:5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-utils-2.71-4.1.x86_64 as component of SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
"product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:dnsmasq-utils-2.71-4.1.x86_64"
},
"product_reference": "dnsmasq-utils-2.71-4.1.x86_64",
"relates_to_product_reference": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-3294",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-3294"
}
],
"notes": [
{
"category": "general",
"text": "The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:dnsmasq-utils-2.71-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-3294",
"url": "https://www.suse.com/security/cve/CVE-2015-3294"
},
{
"category": "external",
"summary": "SUSE Bug 923144 for CVE-2015-3294",
"url": "https://bugzilla.suse.com/923144"
},
{
"category": "external",
"summary": "SUSE Bug 928867 for CVE-2015-3294",
"url": "https://bugzilla.suse.com/928867"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:dnsmasq-utils-2.71-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-04-28T16:45:15Z",
"details": "moderate"
}
],
"title": "CVE-2015-3294"
}
]
}
suse-su-2017:2616-1
Vulnerability from csaf_suse
Published
2017-10-02 13:53
Modified
2017-10-02 13:53
Summary
Security update for dnsmasq
Notes
Title of the patch
Security update for dnsmasq
Description of the patch
This update for dnsmasq fixes the following issues.
Remedy the following security issues:
- CVE-2017-14491: 2 byte heap based overflow. [bsc#1060354]
- CVE-2017-14492: heap based overflow. [bsc#1060355]
- CVE-2017-14493: stack based overflow. [bsc#1060360]
- CVE-2017-14494: DHCP - info leak. [bsc#1060361]
- CVE-2017-14495: DNS - OOM DoS. [bsc#1060362]
- CVE-2017-14496: DNS - DoS Integer underflow. [bsc#1060364]
- Prevent a man-in-the-middle attack (bsc#972164, fate#321175).
Furthermore, the following issues have been fixed:
- Fix DHCP relaying, broken in 2.76 and 2.77.
- Update to version 2.78 (fate#321175, fate#322030, bsc#1035227).
- Fix PXE booting for UEFI architectures (fate#322030).
- Drop PrivateDevices=yes which breaks logging (bsc#902511, bsc#904537)
- Build with support for DNSSEC (fate#318323, bsc#908137).
Please note that this update brings a (small) potential incompatibility in the
handling of 'basename' in --pxe-service. Please read the CHANGELOG and the
documentation if you are using this option.
Patchnames
SUSE-SLE-SERVER-12-2017-1616
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for dnsmasq",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for dnsmasq fixes the following issues.\n\nRemedy the following security issues:\n\n- CVE-2017-14491: 2 byte heap based overflow. [bsc#1060354]\n- CVE-2017-14492: heap based overflow. [bsc#1060355]\n- CVE-2017-14493: stack based overflow. [bsc#1060360]\n- CVE-2017-14494: DHCP - info leak. [bsc#1060361]\n- CVE-2017-14495: DNS - OOM DoS. [bsc#1060362]\n- CVE-2017-14496: DNS - DoS Integer underflow. [bsc#1060364]\n- Prevent a man-in-the-middle attack (bsc#972164, fate#321175).\n\nFurthermore, the following issues have been fixed:\n\n- Fix DHCP relaying, broken in 2.76 and 2.77.\n- Update to version 2.78 (fate#321175, fate#322030, bsc#1035227).\n- Fix PXE booting for UEFI architectures (fate#322030).\n- Drop PrivateDevices=yes which breaks logging (bsc#902511, bsc#904537)\n- Build with support for DNSSEC (fate#318323, bsc#908137).\n\nPlease note that this update brings a (small) potential incompatibility in the\nhandling of \u0027basename\u0027 in --pxe-service. Please read the CHANGELOG and the\ndocumentation if you are using this option.\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-SERVER-12-2017-1616",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_2616-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:2616-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172616-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:2616-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-October/003268.html"
},
{
"category": "self",
"summary": "SUSE Bug 1035227",
"url": "https://bugzilla.suse.com/1035227"
},
{
"category": "self",
"summary": "SUSE Bug 1060354",
"url": "https://bugzilla.suse.com/1060354"
},
{
"category": "self",
"summary": "SUSE Bug 1060355",
"url": "https://bugzilla.suse.com/1060355"
},
{
"category": "self",
"summary": "SUSE Bug 1060360",
"url": "https://bugzilla.suse.com/1060360"
},
{
"category": "self",
"summary": "SUSE Bug 1060361",
"url": "https://bugzilla.suse.com/1060361"
},
{
"category": "self",
"summary": "SUSE Bug 1060362",
"url": "https://bugzilla.suse.com/1060362"
},
{
"category": "self",
"summary": "SUSE Bug 1060364",
"url": "https://bugzilla.suse.com/1060364"
},
{
"category": "self",
"summary": "SUSE Bug 902511",
"url": "https://bugzilla.suse.com/902511"
},
{
"category": "self",
"summary": "SUSE Bug 904537",
"url": "https://bugzilla.suse.com/904537"
},
{
"category": "self",
"summary": "SUSE Bug 908137",
"url": "https://bugzilla.suse.com/908137"
},
{
"category": "self",
"summary": "SUSE Bug 972164",
"url": "https://bugzilla.suse.com/972164"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-3294 page",
"url": "https://www.suse.com/security/cve/CVE-2015-3294/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8899 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8899/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-14491 page",
"url": "https://www.suse.com/security/cve/CVE-2017-14491/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-14492 page",
"url": "https://www.suse.com/security/cve/CVE-2017-14492/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-14493 page",
"url": "https://www.suse.com/security/cve/CVE-2017-14493/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-14494 page",
"url": "https://www.suse.com/security/cve/CVE-2017-14494/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-14495 page",
"url": "https://www.suse.com/security/cve/CVE-2017-14495/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-14496 page",
"url": "https://www.suse.com/security/cve/CVE-2017-14496/"
}
],
"title": "Security update for dnsmasq",
"tracking": {
"current_release_date": "2017-10-02T13:53:30Z",
"generator": {
"date": "2017-10-02T13:53:30Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:2616-1",
"initial_release_date": "2017-10-02T13:53:30Z",
"revision_history": [
{
"date": "2017-10-02T13:53:30Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "dnsmasq-2.78-6.6.1.ppc64le",
"product": {
"name": "dnsmasq-2.78-6.6.1.ppc64le",
"product_id": "dnsmasq-2.78-6.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "dnsmasq-2.78-6.6.1.s390x",
"product": {
"name": "dnsmasq-2.78-6.6.1.s390x",
"product_id": "dnsmasq-2.78-6.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "dnsmasq-2.78-6.6.1.x86_64",
"product": {
"name": "dnsmasq-2.78-6.6.1.x86_64",
"product_id": "dnsmasq-2.78-6.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.78-6.6.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le"
},
"product_reference": "dnsmasq-2.78-6.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.78-6.6.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x"
},
"product_reference": "dnsmasq-2.78-6.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.78-6.6.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64"
},
"product_reference": "dnsmasq-2.78-6.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-3294",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-3294"
}
],
"notes": [
{
"category": "general",
"text": "The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-3294",
"url": "https://www.suse.com/security/cve/CVE-2015-3294"
},
{
"category": "external",
"summary": "SUSE Bug 923144 for CVE-2015-3294",
"url": "https://bugzilla.suse.com/923144"
},
{
"category": "external",
"summary": "SUSE Bug 928867 for CVE-2015-3294",
"url": "https://bugzilla.suse.com/928867"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-02T13:53:30Z",
"details": "moderate"
}
],
"title": "CVE-2015-3294"
},
{
"cve": "CVE-2015-8899",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8899"
}
],
"notes": [
{
"category": "general",
"text": "Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8899",
"url": "https://www.suse.com/security/cve/CVE-2015-8899"
},
{
"category": "external",
"summary": "SUSE Bug 983273 for CVE-2015-8899",
"url": "https://bugzilla.suse.com/983273"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-02T13:53:30Z",
"details": "moderate"
}
],
"title": "CVE-2015-8899"
},
{
"cve": "CVE-2017-14491",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-14491"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-14491",
"url": "https://www.suse.com/security/cve/CVE-2017-14491"
},
{
"category": "external",
"summary": "SUSE Bug 1060354 for CVE-2017-14491",
"url": "https://bugzilla.suse.com/1060354"
},
{
"category": "external",
"summary": "SUSE Bug 1060360 for CVE-2017-14491",
"url": "https://bugzilla.suse.com/1060360"
},
{
"category": "external",
"summary": "SUSE Bug 1060361 for CVE-2017-14491",
"url": "https://bugzilla.suse.com/1060361"
},
{
"category": "external",
"summary": "SUSE Bug 1060362 for CVE-2017-14491",
"url": "https://bugzilla.suse.com/1060362"
},
{
"category": "external",
"summary": "SUSE Bug 1060364 for CVE-2017-14491",
"url": "https://bugzilla.suse.com/1060364"
},
{
"category": "external",
"summary": "SUSE Bug 1063832 for CVE-2017-14491",
"url": "https://bugzilla.suse.com/1063832"
},
{
"category": "external",
"summary": "SUSE Bug 1143944 for CVE-2017-14491",
"url": "https://bugzilla.suse.com/1143944"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-02T13:53:30Z",
"details": "moderate"
}
],
"title": "CVE-2017-14491"
},
{
"cve": "CVE-2017-14492",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-14492"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-14492",
"url": "https://www.suse.com/security/cve/CVE-2017-14492"
},
{
"category": "external",
"summary": "SUSE Bug 1060355 for CVE-2017-14492",
"url": "https://bugzilla.suse.com/1060355"
},
{
"category": "external",
"summary": "SUSE Bug 1060360 for CVE-2017-14492",
"url": "https://bugzilla.suse.com/1060360"
},
{
"category": "external",
"summary": "SUSE Bug 1060361 for CVE-2017-14492",
"url": "https://bugzilla.suse.com/1060361"
},
{
"category": "external",
"summary": "SUSE Bug 1060362 for CVE-2017-14492",
"url": "https://bugzilla.suse.com/1060362"
},
{
"category": "external",
"summary": "SUSE Bug 1060364 for CVE-2017-14492",
"url": "https://bugzilla.suse.com/1060364"
},
{
"category": "external",
"summary": "SUSE Bug 1063832 for CVE-2017-14492",
"url": "https://bugzilla.suse.com/1063832"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-02T13:53:30Z",
"details": "moderate"
}
],
"title": "CVE-2017-14492"
},
{
"cve": "CVE-2017-14493",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-14493"
}
],
"notes": [
{
"category": "general",
"text": "Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-14493",
"url": "https://www.suse.com/security/cve/CVE-2017-14493"
},
{
"category": "external",
"summary": "SUSE Bug 1060360 for CVE-2017-14493",
"url": "https://bugzilla.suse.com/1060360"
},
{
"category": "external",
"summary": "SUSE Bug 1060361 for CVE-2017-14493",
"url": "https://bugzilla.suse.com/1060361"
},
{
"category": "external",
"summary": "SUSE Bug 1060362 for CVE-2017-14493",
"url": "https://bugzilla.suse.com/1060362"
},
{
"category": "external",
"summary": "SUSE Bug 1060364 for CVE-2017-14493",
"url": "https://bugzilla.suse.com/1060364"
},
{
"category": "external",
"summary": "SUSE Bug 1063832 for CVE-2017-14493",
"url": "https://bugzilla.suse.com/1063832"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-02T13:53:30Z",
"details": "moderate"
}
],
"title": "CVE-2017-14493"
},
{
"cve": "CVE-2017-14494",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-14494"
}
],
"notes": [
{
"category": "general",
"text": "dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-14494",
"url": "https://www.suse.com/security/cve/CVE-2017-14494"
},
{
"category": "external",
"summary": "SUSE Bug 1060360 for CVE-2017-14494",
"url": "https://bugzilla.suse.com/1060360"
},
{
"category": "external",
"summary": "SUSE Bug 1060361 for CVE-2017-14494",
"url": "https://bugzilla.suse.com/1060361"
},
{
"category": "external",
"summary": "SUSE Bug 1060362 for CVE-2017-14494",
"url": "https://bugzilla.suse.com/1060362"
},
{
"category": "external",
"summary": "SUSE Bug 1060364 for CVE-2017-14494",
"url": "https://bugzilla.suse.com/1060364"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-02T13:53:30Z",
"details": "moderate"
}
],
"title": "CVE-2017-14494"
},
{
"cve": "CVE-2017-14495",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-14495"
}
],
"notes": [
{
"category": "general",
"text": "Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-14495",
"url": "https://www.suse.com/security/cve/CVE-2017-14495"
},
{
"category": "external",
"summary": "SUSE Bug 1060360 for CVE-2017-14495",
"url": "https://bugzilla.suse.com/1060360"
},
{
"category": "external",
"summary": "SUSE Bug 1060361 for CVE-2017-14495",
"url": "https://bugzilla.suse.com/1060361"
},
{
"category": "external",
"summary": "SUSE Bug 1060362 for CVE-2017-14495",
"url": "https://bugzilla.suse.com/1060362"
},
{
"category": "external",
"summary": "SUSE Bug 1060364 for CVE-2017-14495",
"url": "https://bugzilla.suse.com/1060364"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-02T13:53:30Z",
"details": "important"
}
],
"title": "CVE-2017-14495"
},
{
"cve": "CVE-2017-14496",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-14496"
}
],
"notes": [
{
"category": "general",
"text": "Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-14496",
"url": "https://www.suse.com/security/cve/CVE-2017-14496"
},
{
"category": "external",
"summary": "SUSE Bug 1060360 for CVE-2017-14496",
"url": "https://bugzilla.suse.com/1060360"
},
{
"category": "external",
"summary": "SUSE Bug 1060361 for CVE-2017-14496",
"url": "https://bugzilla.suse.com/1060361"
},
{
"category": "external",
"summary": "SUSE Bug 1060362 for CVE-2017-14496",
"url": "https://bugzilla.suse.com/1060362"
},
{
"category": "external",
"summary": "SUSE Bug 1060364 for CVE-2017-14496",
"url": "https://bugzilla.suse.com/1060364"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:dnsmasq-2.78-6.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-02T13:53:30Z",
"details": "important"
}
],
"title": "CVE-2017-14496"
}
]
}
suse-su-2015:0979-1
Vulnerability from csaf_suse
Published
2015-04-28 15:39
Modified
2015-04-28 15:39
Summary
Security update for dnsmasq
Notes
Title of the patch
Security update for dnsmasq
Description of the patch
The DNS server dnsmasq was updated to fix one security issue and one non-security bug.
The following vulnerability was fixed:
* CVE-2015-3294: A remote unauthenticated attacker could have caused a denial of service (DoS) or read heap memory, potentially disclosing information such as performed DNS queries or encryption keys. (bsc#928867)
The following bug was fixed:
* bsc#923144: When answer to an upstream query is a CNAME pointing to an A/AAAA record which is present locally (/etc/hosts), allow caching when the upstream and local A/AAAA records have the same value.
Patchnames
SUSE-SLE-DESKTOP-12-2015-229,SUSE-SLE-SERVER-12-2015-229
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for dnsmasq",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The DNS server dnsmasq was updated to fix one security issue and one non-security bug.\n\nThe following vulnerability was fixed:\n\n* CVE-2015-3294: A remote unauthenticated attacker could have caused a denial of service (DoS) or read heap memory, potentially disclosing information such as performed DNS queries or encryption keys. (bsc#928867)\n\nThe following bug was fixed:\n\n* bsc#923144: When answer to an upstream query is a CNAME pointing to an A/AAAA record which is present locally (/etc/hosts), allow caching when the upstream and local A/AAAA records have the same value.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-DESKTOP-12-2015-229,SUSE-SLE-SERVER-12-2015-229",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2015_0979-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2015:0979-1",
"url": "https://www.suse.com/support/update/announcement/2015/suse-su-20150979-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2015:0979-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2015-June/001418.html"
},
{
"category": "self",
"summary": "SUSE Bug 923144",
"url": "https://bugzilla.suse.com/923144"
},
{
"category": "self",
"summary": "SUSE Bug 928867",
"url": "https://bugzilla.suse.com/928867"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-3294 page",
"url": "https://www.suse.com/security/cve/CVE-2015-3294/"
}
],
"title": "Security update for dnsmasq",
"tracking": {
"current_release_date": "2015-04-28T15:39:11Z",
"generator": {
"date": "2015-04-28T15:39:11Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2015:0979-1",
"initial_release_date": "2015-04-28T15:39:11Z",
"revision_history": [
{
"date": "2015-04-28T15:39:11Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "dnsmasq-2.71-4.1.ppc64le",
"product": {
"name": "dnsmasq-2.71-4.1.ppc64le",
"product_id": "dnsmasq-2.71-4.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "dnsmasq-2.71-4.1.s390x",
"product": {
"name": "dnsmasq-2.71-4.1.s390x",
"product_id": "dnsmasq-2.71-4.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "dnsmasq-2.71-4.1.x86_64",
"product": {
"name": "dnsmasq-2.71-4.1.x86_64",
"product_id": "dnsmasq-2.71-4.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12",
"product": {
"name": "SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12",
"product": {
"name": "SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.71-4.1.x86_64 as component of SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12:dnsmasq-2.71-4.1.x86_64"
},
"product_reference": "dnsmasq-2.71-4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.71-4.1.ppc64le as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:dnsmasq-2.71-4.1.ppc64le"
},
"product_reference": "dnsmasq-2.71-4.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.71-4.1.s390x as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:dnsmasq-2.71-4.1.s390x"
},
"product_reference": "dnsmasq-2.71-4.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.71-4.1.x86_64 as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:dnsmasq-2.71-4.1.x86_64"
},
"product_reference": "dnsmasq-2.71-4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.71-4.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:dnsmasq-2.71-4.1.ppc64le"
},
"product_reference": "dnsmasq-2.71-4.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.71-4.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:dnsmasq-2.71-4.1.s390x"
},
"product_reference": "dnsmasq-2.71-4.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.71-4.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:dnsmasq-2.71-4.1.x86_64"
},
"product_reference": "dnsmasq-2.71-4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-3294",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-3294"
}
],
"notes": [
{
"category": "general",
"text": "The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:dnsmasq-2.71-4.1.x86_64",
"SUSE Linux Enterprise Server 12:dnsmasq-2.71-4.1.ppc64le",
"SUSE Linux Enterprise Server 12:dnsmasq-2.71-4.1.s390x",
"SUSE Linux Enterprise Server 12:dnsmasq-2.71-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:dnsmasq-2.71-4.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:dnsmasq-2.71-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:dnsmasq-2.71-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-3294",
"url": "https://www.suse.com/security/cve/CVE-2015-3294"
},
{
"category": "external",
"summary": "SUSE Bug 923144 for CVE-2015-3294",
"url": "https://bugzilla.suse.com/923144"
},
{
"category": "external",
"summary": "SUSE Bug 928867 for CVE-2015-3294",
"url": "https://bugzilla.suse.com/928867"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:dnsmasq-2.71-4.1.x86_64",
"SUSE Linux Enterprise Server 12:dnsmasq-2.71-4.1.ppc64le",
"SUSE Linux Enterprise Server 12:dnsmasq-2.71-4.1.s390x",
"SUSE Linux Enterprise Server 12:dnsmasq-2.71-4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:dnsmasq-2.71-4.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:dnsmasq-2.71-4.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:dnsmasq-2.71-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-04-28T15:39:11Z",
"details": "moderate"
}
],
"title": "CVE-2015-3294"
}
]
}
suse-su-2015:1015-1
Vulnerability from csaf_suse
Published
2014-07-01 23:04
Modified
2014-07-01 23:04
Summary
Recommended update for dnsmasq
Notes
Title of the patch
Recommended update for dnsmasq
Description of the patch
This update provides dnsmasq version 2.71, which brings several fixes and
enhancements. For a comprehensive list of changes, please refer to the
package change log. (FATE#317370)
Patchnames
sledsp3-dnsmasq,slessp3-dnsmasq
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Recommended update for dnsmasq",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update provides dnsmasq version 2.71, which brings several fixes and \nenhancements. For a comprehensive list of changes, please refer to the \npackage change log. (FATE#317370)\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sledsp3-dnsmasq,slessp3-dnsmasq",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2015_1015-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2015:1015-1",
"url": "https://www.suse.com/support/update/announcement/2015/suse-su-20151015-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2015:1015-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2015-June/001425.html"
},
{
"category": "self",
"summary": "SUSE Bug 776496",
"url": "https://bugzilla.suse.com/776496"
},
{
"category": "self",
"summary": "SUSE Bug 883708",
"url": "https://bugzilla.suse.com/883708"
},
{
"category": "self",
"summary": "SUSE Bug 923144",
"url": "https://bugzilla.suse.com/923144"
},
{
"category": "self",
"summary": "SUSE Bug 928867",
"url": "https://bugzilla.suse.com/928867"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-3294 page",
"url": "https://www.suse.com/security/cve/CVE-2015-3294/"
}
],
"title": "Recommended update for dnsmasq",
"tracking": {
"current_release_date": "2014-07-01T23:04:51Z",
"generator": {
"date": "2014-07-01T23:04:51Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2015:1015-1",
"initial_release_date": "2014-07-01T23:04:51Z",
"revision_history": [
{
"date": "2014-07-01T23:04:51Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "dnsmasq-2.71-0.11.1.i586",
"product": {
"name": "dnsmasq-2.71-0.11.1.i586",
"product_id": "dnsmasq-2.71-0.11.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "dnsmasq-2.71-0.11.1.ia64",
"product": {
"name": "dnsmasq-2.71-0.11.1.ia64",
"product_id": "dnsmasq-2.71-0.11.1.ia64"
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "dnsmasq-2.71-0.11.1.ppc64",
"product": {
"name": "dnsmasq-2.71-0.11.1.ppc64",
"product_id": "dnsmasq-2.71-0.11.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "dnsmasq-2.71-0.11.1.s390x",
"product": {
"name": "dnsmasq-2.71-0.11.1.s390x",
"product_id": "dnsmasq-2.71-0.11.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "dnsmasq-2.71-0.11.1.x86_64",
"product": {
"name": "dnsmasq-2.71-0.11.1.x86_64",
"product_id": "dnsmasq-2.71-0.11.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 11 SP3",
"product": {
"name": "SUSE Linux Enterprise Desktop 11 SP3",
"product_id": "SUSE Linux Enterprise Desktop 11 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sled:11:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP3",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:11:sp3:teradata"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:11:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.71-0.11.1.i586 as component of SUSE Linux Enterprise Desktop 11 SP3",
"product_id": "SUSE Linux Enterprise Desktop 11 SP3:dnsmasq-2.71-0.11.1.i586"
},
"product_reference": "dnsmasq-2.71-0.11.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.71-0.11.1.x86_64 as component of SUSE Linux Enterprise Desktop 11 SP3",
"product_id": "SUSE Linux Enterprise Desktop 11 SP3:dnsmasq-2.71-0.11.1.x86_64"
},
"product_reference": "dnsmasq-2.71-0.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.71-0.11.1.i586 as component of SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3:dnsmasq-2.71-0.11.1.i586"
},
"product_reference": "dnsmasq-2.71-0.11.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.71-0.11.1.ia64 as component of SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3:dnsmasq-2.71-0.11.1.ia64"
},
"product_reference": "dnsmasq-2.71-0.11.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.71-0.11.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3:dnsmasq-2.71-0.11.1.ppc64"
},
"product_reference": "dnsmasq-2.71-0.11.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.71-0.11.1.s390x as component of SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3:dnsmasq-2.71-0.11.1.s390x"
},
"product_reference": "dnsmasq-2.71-0.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.71-0.11.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3:dnsmasq-2.71-0.11.1.x86_64"
},
"product_reference": "dnsmasq-2.71-0.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.71-0.11.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.71-0.11.1.i586"
},
"product_reference": "dnsmasq-2.71-0.11.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.71-0.11.1.ia64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.71-0.11.1.ia64"
},
"product_reference": "dnsmasq-2.71-0.11.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.71-0.11.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.71-0.11.1.ppc64"
},
"product_reference": "dnsmasq-2.71-0.11.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.71-0.11.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.71-0.11.1.s390x"
},
"product_reference": "dnsmasq-2.71-0.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.71-0.11.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.71-0.11.1.x86_64"
},
"product_reference": "dnsmasq-2.71-0.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.71-0.11.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3:dnsmasq-2.71-0.11.1.i586"
},
"product_reference": "dnsmasq-2.71-0.11.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.71-0.11.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3:dnsmasq-2.71-0.11.1.ia64"
},
"product_reference": "dnsmasq-2.71-0.11.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.71-0.11.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3:dnsmasq-2.71-0.11.1.ppc64"
},
"product_reference": "dnsmasq-2.71-0.11.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.71-0.11.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3:dnsmasq-2.71-0.11.1.s390x"
},
"product_reference": "dnsmasq-2.71-0.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.71-0.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3:dnsmasq-2.71-0.11.1.x86_64"
},
"product_reference": "dnsmasq-2.71-0.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-3294",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-3294"
}
],
"notes": [
{
"category": "general",
"text": "The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:dnsmasq-2.71-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:dnsmasq-2.71-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.71-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.71-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.71-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.71-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.71-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:dnsmasq-2.71-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:dnsmasq-2.71-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:dnsmasq-2.71-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:dnsmasq-2.71-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:dnsmasq-2.71-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:dnsmasq-2.71-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:dnsmasq-2.71-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:dnsmasq-2.71-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:dnsmasq-2.71-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:dnsmasq-2.71-0.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-3294",
"url": "https://www.suse.com/security/cve/CVE-2015-3294"
},
{
"category": "external",
"summary": "SUSE Bug 923144 for CVE-2015-3294",
"url": "https://bugzilla.suse.com/923144"
},
{
"category": "external",
"summary": "SUSE Bug 928867 for CVE-2015-3294",
"url": "https://bugzilla.suse.com/928867"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:dnsmasq-2.71-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:dnsmasq-2.71-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.71-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.71-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.71-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.71-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:dnsmasq-2.71-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:dnsmasq-2.71-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:dnsmasq-2.71-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:dnsmasq-2.71-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:dnsmasq-2.71-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:dnsmasq-2.71-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:dnsmasq-2.71-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:dnsmasq-2.71-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:dnsmasq-2.71-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:dnsmasq-2.71-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:dnsmasq-2.71-0.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-07-01T23:04:51Z",
"details": "moderate"
}
],
"title": "CVE-2015-3294"
}
]
}
suse-su-2017:2619-1
Vulnerability from csaf_suse
Published
2017-10-02 13:51
Modified
2017-10-02 13:51
Summary
Security update for dnsmasq
Notes
Title of the patch
Security update for dnsmasq
Description of the patch
This update for dnsmasq fixes the following security issues:
- CVE-2017-14491: 2 byte heap based overflow. [bsc#1060354]
- CVE-2017-14492: heap based overflow. [bsc#1060355]
- CVE-2017-14493: stack based overflow. [bsc#1060360]
- CVE-2017-14494: DHCP - info leak. [bsc#1060361]
- CVE-2017-14495: DNS - OOM DoS. [bsc#1060362]
- CVE-2017-14496: DNS - DoS Integer underflow. [bsc#1060364]
This update brings a (small) potential incompatibility in the handling of
'basename' in --pxe-service. Please read the CHANGELOG and the documentation if
you are using this option.
Patchnames
slessp4-dnsmasq-13294
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for dnsmasq",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for dnsmasq fixes the following security issues:\n\n- CVE-2017-14491: 2 byte heap based overflow. [bsc#1060354]\n- CVE-2017-14492: heap based overflow. [bsc#1060355]\n- CVE-2017-14493: stack based overflow. [bsc#1060360]\n- CVE-2017-14494: DHCP - info leak. [bsc#1060361]\n- CVE-2017-14495: DNS - OOM DoS. [bsc#1060362]\n- CVE-2017-14496: DNS - DoS Integer underflow. [bsc#1060364]\n\nThis update brings a (small) potential incompatibility in the handling of\n\u0027basename\u0027 in --pxe-service. Please read the CHANGELOG and the documentation if\nyou are using this option.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "slessp4-dnsmasq-13294",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_2619-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:2619-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172619-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:2619-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-October/003271.html"
},
{
"category": "self",
"summary": "SUSE Bug 1060354",
"url": "https://bugzilla.suse.com/1060354"
},
{
"category": "self",
"summary": "SUSE Bug 1060355",
"url": "https://bugzilla.suse.com/1060355"
},
{
"category": "self",
"summary": "SUSE Bug 1060360",
"url": "https://bugzilla.suse.com/1060360"
},
{
"category": "self",
"summary": "SUSE Bug 1060361",
"url": "https://bugzilla.suse.com/1060361"
},
{
"category": "self",
"summary": "SUSE Bug 1060362",
"url": "https://bugzilla.suse.com/1060362"
},
{
"category": "self",
"summary": "SUSE Bug 1060364",
"url": "https://bugzilla.suse.com/1060364"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-3294 page",
"url": "https://www.suse.com/security/cve/CVE-2015-3294/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8899 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8899/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-14491 page",
"url": "https://www.suse.com/security/cve/CVE-2017-14491/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-14492 page",
"url": "https://www.suse.com/security/cve/CVE-2017-14492/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-14493 page",
"url": "https://www.suse.com/security/cve/CVE-2017-14493/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-14494 page",
"url": "https://www.suse.com/security/cve/CVE-2017-14494/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-14495 page",
"url": "https://www.suse.com/security/cve/CVE-2017-14495/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-14496 page",
"url": "https://www.suse.com/security/cve/CVE-2017-14496/"
}
],
"title": "Security update for dnsmasq",
"tracking": {
"current_release_date": "2017-10-02T13:51:46Z",
"generator": {
"date": "2017-10-02T13:51:46Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:2619-1",
"initial_release_date": "2017-10-02T13:51:46Z",
"revision_history": [
{
"date": "2017-10-02T13:51:46Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "dnsmasq-2.78-0.17.5.1.i586",
"product": {
"name": "dnsmasq-2.78-0.17.5.1.i586",
"product_id": "dnsmasq-2.78-0.17.5.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "dnsmasq-2.78-0.17.5.1.ia64",
"product": {
"name": "dnsmasq-2.78-0.17.5.1.ia64",
"product_id": "dnsmasq-2.78-0.17.5.1.ia64"
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "dnsmasq-2.78-0.17.5.1.ppc64",
"product": {
"name": "dnsmasq-2.78-0.17.5.1.ppc64",
"product_id": "dnsmasq-2.78-0.17.5.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "dnsmasq-2.78-0.17.5.1.s390x",
"product": {
"name": "dnsmasq-2.78-0.17.5.1.s390x",
"product_id": "dnsmasq-2.78-0.17.5.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "dnsmasq-2.78-0.17.5.1.x86_64",
"product": {
"name": "dnsmasq-2.78-0.17.5.1.x86_64",
"product_id": "dnsmasq-2.78-0.17.5.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.78-0.17.5.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.i586"
},
"product_reference": "dnsmasq-2.78-0.17.5.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.78-0.17.5.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ia64"
},
"product_reference": "dnsmasq-2.78-0.17.5.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.78-0.17.5.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64"
},
"product_reference": "dnsmasq-2.78-0.17.5.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.78-0.17.5.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.s390x"
},
"product_reference": "dnsmasq-2.78-0.17.5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.78-0.17.5.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64"
},
"product_reference": "dnsmasq-2.78-0.17.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.78-0.17.5.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.i586"
},
"product_reference": "dnsmasq-2.78-0.17.5.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.78-0.17.5.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ia64"
},
"product_reference": "dnsmasq-2.78-0.17.5.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.78-0.17.5.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64"
},
"product_reference": "dnsmasq-2.78-0.17.5.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.78-0.17.5.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.s390x"
},
"product_reference": "dnsmasq-2.78-0.17.5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.78-0.17.5.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64"
},
"product_reference": "dnsmasq-2.78-0.17.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-3294",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-3294"
}
],
"notes": [
{
"category": "general",
"text": "The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-3294",
"url": "https://www.suse.com/security/cve/CVE-2015-3294"
},
{
"category": "external",
"summary": "SUSE Bug 923144 for CVE-2015-3294",
"url": "https://bugzilla.suse.com/923144"
},
{
"category": "external",
"summary": "SUSE Bug 928867 for CVE-2015-3294",
"url": "https://bugzilla.suse.com/928867"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-02T13:51:46Z",
"details": "moderate"
}
],
"title": "CVE-2015-3294"
},
{
"cve": "CVE-2015-8899",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8899"
}
],
"notes": [
{
"category": "general",
"text": "Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8899",
"url": "https://www.suse.com/security/cve/CVE-2015-8899"
},
{
"category": "external",
"summary": "SUSE Bug 983273 for CVE-2015-8899",
"url": "https://bugzilla.suse.com/983273"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-02T13:51:46Z",
"details": "moderate"
}
],
"title": "CVE-2015-8899"
},
{
"cve": "CVE-2017-14491",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-14491"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-14491",
"url": "https://www.suse.com/security/cve/CVE-2017-14491"
},
{
"category": "external",
"summary": "SUSE Bug 1060354 for CVE-2017-14491",
"url": "https://bugzilla.suse.com/1060354"
},
{
"category": "external",
"summary": "SUSE Bug 1060360 for CVE-2017-14491",
"url": "https://bugzilla.suse.com/1060360"
},
{
"category": "external",
"summary": "SUSE Bug 1060361 for CVE-2017-14491",
"url": "https://bugzilla.suse.com/1060361"
},
{
"category": "external",
"summary": "SUSE Bug 1060362 for CVE-2017-14491",
"url": "https://bugzilla.suse.com/1060362"
},
{
"category": "external",
"summary": "SUSE Bug 1060364 for CVE-2017-14491",
"url": "https://bugzilla.suse.com/1060364"
},
{
"category": "external",
"summary": "SUSE Bug 1063832 for CVE-2017-14491",
"url": "https://bugzilla.suse.com/1063832"
},
{
"category": "external",
"summary": "SUSE Bug 1143944 for CVE-2017-14491",
"url": "https://bugzilla.suse.com/1143944"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-02T13:51:46Z",
"details": "moderate"
}
],
"title": "CVE-2017-14491"
},
{
"cve": "CVE-2017-14492",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-14492"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-14492",
"url": "https://www.suse.com/security/cve/CVE-2017-14492"
},
{
"category": "external",
"summary": "SUSE Bug 1060355 for CVE-2017-14492",
"url": "https://bugzilla.suse.com/1060355"
},
{
"category": "external",
"summary": "SUSE Bug 1060360 for CVE-2017-14492",
"url": "https://bugzilla.suse.com/1060360"
},
{
"category": "external",
"summary": "SUSE Bug 1060361 for CVE-2017-14492",
"url": "https://bugzilla.suse.com/1060361"
},
{
"category": "external",
"summary": "SUSE Bug 1060362 for CVE-2017-14492",
"url": "https://bugzilla.suse.com/1060362"
},
{
"category": "external",
"summary": "SUSE Bug 1060364 for CVE-2017-14492",
"url": "https://bugzilla.suse.com/1060364"
},
{
"category": "external",
"summary": "SUSE Bug 1063832 for CVE-2017-14492",
"url": "https://bugzilla.suse.com/1063832"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-02T13:51:46Z",
"details": "moderate"
}
],
"title": "CVE-2017-14492"
},
{
"cve": "CVE-2017-14493",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-14493"
}
],
"notes": [
{
"category": "general",
"text": "Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-14493",
"url": "https://www.suse.com/security/cve/CVE-2017-14493"
},
{
"category": "external",
"summary": "SUSE Bug 1060360 for CVE-2017-14493",
"url": "https://bugzilla.suse.com/1060360"
},
{
"category": "external",
"summary": "SUSE Bug 1060361 for CVE-2017-14493",
"url": "https://bugzilla.suse.com/1060361"
},
{
"category": "external",
"summary": "SUSE Bug 1060362 for CVE-2017-14493",
"url": "https://bugzilla.suse.com/1060362"
},
{
"category": "external",
"summary": "SUSE Bug 1060364 for CVE-2017-14493",
"url": "https://bugzilla.suse.com/1060364"
},
{
"category": "external",
"summary": "SUSE Bug 1063832 for CVE-2017-14493",
"url": "https://bugzilla.suse.com/1063832"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-02T13:51:46Z",
"details": "moderate"
}
],
"title": "CVE-2017-14493"
},
{
"cve": "CVE-2017-14494",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-14494"
}
],
"notes": [
{
"category": "general",
"text": "dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-14494",
"url": "https://www.suse.com/security/cve/CVE-2017-14494"
},
{
"category": "external",
"summary": "SUSE Bug 1060360 for CVE-2017-14494",
"url": "https://bugzilla.suse.com/1060360"
},
{
"category": "external",
"summary": "SUSE Bug 1060361 for CVE-2017-14494",
"url": "https://bugzilla.suse.com/1060361"
},
{
"category": "external",
"summary": "SUSE Bug 1060362 for CVE-2017-14494",
"url": "https://bugzilla.suse.com/1060362"
},
{
"category": "external",
"summary": "SUSE Bug 1060364 for CVE-2017-14494",
"url": "https://bugzilla.suse.com/1060364"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-02T13:51:46Z",
"details": "moderate"
}
],
"title": "CVE-2017-14494"
},
{
"cve": "CVE-2017-14495",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-14495"
}
],
"notes": [
{
"category": "general",
"text": "Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-14495",
"url": "https://www.suse.com/security/cve/CVE-2017-14495"
},
{
"category": "external",
"summary": "SUSE Bug 1060360 for CVE-2017-14495",
"url": "https://bugzilla.suse.com/1060360"
},
{
"category": "external",
"summary": "SUSE Bug 1060361 for CVE-2017-14495",
"url": "https://bugzilla.suse.com/1060361"
},
{
"category": "external",
"summary": "SUSE Bug 1060362 for CVE-2017-14495",
"url": "https://bugzilla.suse.com/1060362"
},
{
"category": "external",
"summary": "SUSE Bug 1060364 for CVE-2017-14495",
"url": "https://bugzilla.suse.com/1060364"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-02T13:51:46Z",
"details": "important"
}
],
"title": "CVE-2017-14495"
},
{
"cve": "CVE-2017-14496",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-14496"
}
],
"notes": [
{
"category": "general",
"text": "Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-14496",
"url": "https://www.suse.com/security/cve/CVE-2017-14496"
},
{
"category": "external",
"summary": "SUSE Bug 1060360 for CVE-2017-14496",
"url": "https://bugzilla.suse.com/1060360"
},
{
"category": "external",
"summary": "SUSE Bug 1060361 for CVE-2017-14496",
"url": "https://bugzilla.suse.com/1060361"
},
{
"category": "external",
"summary": "SUSE Bug 1060362 for CVE-2017-14496",
"url": "https://bugzilla.suse.com/1060362"
},
{
"category": "external",
"summary": "SUSE Bug 1060364 for CVE-2017-14496",
"url": "https://bugzilla.suse.com/1060364"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:dnsmasq-2.78-0.17.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-02T13:51:46Z",
"details": "important"
}
],
"title": "CVE-2017-14496"
}
]
}
cnvd-2015-02804
Vulnerability from cnvd
Title: Dnsmasq 'setup_reply()'拒绝服务漏洞
Description:
DNSmasq是一个小巧且方便地用于配置DNS和DHCP的工具,适用于小型网络,它提供了DNS功能和可选择的DHCP功能。
Dnsmasq在实现上存在拒绝服务漏洞,通过构造的DNS请求包,远程用户利用此漏洞可读取进程内存内容,造成目标服务崩溃。
Severity: 中
Patch Name: Dnsmasq 'setup_reply()'拒绝服务漏洞的补丁
Patch Description:
DNSmasq是一个小巧且方便地用于配置DNS和DHCP的工具,适用于小型网络,它提供了DNS功能和可选择的DHCP功能。Dnsmasq在实现上存在拒绝服务漏洞,通过构造的DNS请求包,远程用户利用此漏洞可读取进程内存内容,造成目标服务崩溃。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description:
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009382.html http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=ad4a8ff7d9097008d7623df8543df435bfddeac8
Reference: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3294
Impacted products
| Name | Dnsmasq Dnsmasq |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2015-3294"
}
},
"description": "DNSmasq\u662f\u4e00\u4e2a\u5c0f\u5de7\u4e14\u65b9\u4fbf\u5730\u7528\u4e8e\u914d\u7f6eDNS\u548cDHCP\u7684\u5de5\u5177\uff0c\u9002\u7528\u4e8e\u5c0f\u578b\u7f51\u7edc\uff0c\u5b83\u63d0\u4f9b\u4e86DNS\u529f\u80fd\u548c\u53ef\u9009\u62e9\u7684DHCP\u529f\u80fd\u3002\r\n\r\nDnsmasq\u5728\u5b9e\u73b0\u4e0a\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u901a\u8fc7\u6784\u9020\u7684DNS\u8bf7\u6c42\u5305\uff0c\u8fdc\u7a0b\u7528\u6237\u5229\u7528\u6b64\u6f0f\u6d1e\u53ef\u8bfb\u53d6\u8fdb\u7a0b\u5185\u5b58\u5185\u5bb9\uff0c\u9020\u6210\u76ee\u6807\u670d\u52a1\u5d29\u6e83\u3002",
"discovererName": "Nick Sampanis",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\nhttp://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009382.html\r\nhttp://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=ad4a8ff7d9097008d7623df8543df435bfddeac8",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2015-02804",
"openTime": "2015-04-29",
"patchDescription": "DNSmasq\u662f\u4e00\u4e2a\u5c0f\u5de7\u4e14\u65b9\u4fbf\u5730\u7528\u4e8e\u914d\u7f6eDNS\u548cDHCP\u7684\u5de5\u5177\uff0c\u9002\u7528\u4e8e\u5c0f\u578b\u7f51\u7edc\uff0c\u5b83\u63d0\u4f9b\u4e86DNS\u529f\u80fd\u548c\u53ef\u9009\u62e9\u7684DHCP\u529f\u80fd\u3002Dnsmasq\u5728\u5b9e\u73b0\u4e0a\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u901a\u8fc7\u6784\u9020\u7684DNS\u8bf7\u6c42\u5305\uff0c\u8fdc\u7a0b\u7528\u6237\u5229\u7528\u6b64\u6f0f\u6d1e\u53ef\u8bfb\u53d6\u8fdb\u7a0b\u5185\u5b58\u5185\u5bb9\uff0c\u9020\u6210\u76ee\u6807\u670d\u52a1\u5d29\u6e83\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Dnsmasq \u0027setup_reply()\u0027\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "Dnsmasq Dnsmasq"
},
"referenceLink": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3294",
"serverity": "\u4e2d",
"submitTime": "2015-04-28",
"title": "Dnsmasq \u0027setup_reply()\u0027\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}
fkie_cve-2015-3294
Vulnerability from fkie_nvd
Published
2015-05-08 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| thekelleys | dnsmasq | * | |
| oracle | solaris | 11.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:thekelleys:dnsmasq:*:rc3:*:*:*:*:*:*",
"matchCriteriaId": "D4E32044-8F2B-48B6-8D85-46B7D62C3A87",
"versionEndIncluding": "2.73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0B1C288F-326B-497B-B26C-D26E01262DDB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request."
},
{
"lang": "es",
"value": "La funci\u00f3n tcp_request en Dnsmasq anterior a 2.73rc4 no maneja correctamente el valor de retorno de la funci\u00f3n setup_reply, lo que permite a atacantes remotos leer la memoria de procesos y causar una denegaci\u00f3n de servicio (lectura fuera de rango y ca\u00edda) a trav\u00e9s de una solicitud DNS malformada."
}
],
"id": "CVE-2015-3294",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-05-08T14:59:05.527",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00013.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009382.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009387.html"
},
{
"source": "cve@mitre.org",
"url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=ad4a8ff7d9097008d7623df8543df435bfddeac8"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3251"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/535354/100/1100/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/74452"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032195"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2593-1"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201512-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009382.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009387.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=ad4a8ff7d9097008d7623df8543df435bfddeac8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3251"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/535354/100/1100/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/74452"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032195"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2593-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201512-01"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-19"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
opensuse-su-2024:10195-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
dnsmasq-2.76-1.3 on GA media
Notes
Title of the patch
dnsmasq-2.76-1.3 on GA media
Description of the patch
These are all security issues fixed in the dnsmasq-2.76-1.3 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-10195
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "dnsmasq-2.76-1.3 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the dnsmasq-2.76-1.3 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-10195",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10195-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-3294 page",
"url": "https://www.suse.com/security/cve/CVE-2015-3294/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8899 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8899/"
}
],
"title": "dnsmasq-2.76-1.3 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:10195-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "dnsmasq-2.76-1.3.aarch64",
"product": {
"name": "dnsmasq-2.76-1.3.aarch64",
"product_id": "dnsmasq-2.76-1.3.aarch64"
}
},
{
"category": "product_version",
"name": "dnsmasq-utils-2.76-1.3.aarch64",
"product": {
"name": "dnsmasq-utils-2.76-1.3.aarch64",
"product_id": "dnsmasq-utils-2.76-1.3.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "dnsmasq-2.76-1.3.ppc64le",
"product": {
"name": "dnsmasq-2.76-1.3.ppc64le",
"product_id": "dnsmasq-2.76-1.3.ppc64le"
}
},
{
"category": "product_version",
"name": "dnsmasq-utils-2.76-1.3.ppc64le",
"product": {
"name": "dnsmasq-utils-2.76-1.3.ppc64le",
"product_id": "dnsmasq-utils-2.76-1.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "dnsmasq-2.76-1.3.s390x",
"product": {
"name": "dnsmasq-2.76-1.3.s390x",
"product_id": "dnsmasq-2.76-1.3.s390x"
}
},
{
"category": "product_version",
"name": "dnsmasq-utils-2.76-1.3.s390x",
"product": {
"name": "dnsmasq-utils-2.76-1.3.s390x",
"product_id": "dnsmasq-utils-2.76-1.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "dnsmasq-2.76-1.3.x86_64",
"product": {
"name": "dnsmasq-2.76-1.3.x86_64",
"product_id": "dnsmasq-2.76-1.3.x86_64"
}
},
{
"category": "product_version",
"name": "dnsmasq-utils-2.76-1.3.x86_64",
"product": {
"name": "dnsmasq-utils-2.76-1.3.x86_64",
"product_id": "dnsmasq-utils-2.76-1.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.76-1.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:dnsmasq-2.76-1.3.aarch64"
},
"product_reference": "dnsmasq-2.76-1.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.76-1.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:dnsmasq-2.76-1.3.ppc64le"
},
"product_reference": "dnsmasq-2.76-1.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.76-1.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:dnsmasq-2.76-1.3.s390x"
},
"product_reference": "dnsmasq-2.76-1.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-2.76-1.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:dnsmasq-2.76-1.3.x86_64"
},
"product_reference": "dnsmasq-2.76-1.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-utils-2.76-1.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:dnsmasq-utils-2.76-1.3.aarch64"
},
"product_reference": "dnsmasq-utils-2.76-1.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-utils-2.76-1.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:dnsmasq-utils-2.76-1.3.ppc64le"
},
"product_reference": "dnsmasq-utils-2.76-1.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-utils-2.76-1.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:dnsmasq-utils-2.76-1.3.s390x"
},
"product_reference": "dnsmasq-utils-2.76-1.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsmasq-utils-2.76-1.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:dnsmasq-utils-2.76-1.3.x86_64"
},
"product_reference": "dnsmasq-utils-2.76-1.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-3294",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-3294"
}
],
"notes": [
{
"category": "general",
"text": "The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:dnsmasq-2.76-1.3.aarch64",
"openSUSE Tumbleweed:dnsmasq-2.76-1.3.ppc64le",
"openSUSE Tumbleweed:dnsmasq-2.76-1.3.s390x",
"openSUSE Tumbleweed:dnsmasq-2.76-1.3.x86_64",
"openSUSE Tumbleweed:dnsmasq-utils-2.76-1.3.aarch64",
"openSUSE Tumbleweed:dnsmasq-utils-2.76-1.3.ppc64le",
"openSUSE Tumbleweed:dnsmasq-utils-2.76-1.3.s390x",
"openSUSE Tumbleweed:dnsmasq-utils-2.76-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-3294",
"url": "https://www.suse.com/security/cve/CVE-2015-3294"
},
{
"category": "external",
"summary": "SUSE Bug 923144 for CVE-2015-3294",
"url": "https://bugzilla.suse.com/923144"
},
{
"category": "external",
"summary": "SUSE Bug 928867 for CVE-2015-3294",
"url": "https://bugzilla.suse.com/928867"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:dnsmasq-2.76-1.3.aarch64",
"openSUSE Tumbleweed:dnsmasq-2.76-1.3.ppc64le",
"openSUSE Tumbleweed:dnsmasq-2.76-1.3.s390x",
"openSUSE Tumbleweed:dnsmasq-2.76-1.3.x86_64",
"openSUSE Tumbleweed:dnsmasq-utils-2.76-1.3.aarch64",
"openSUSE Tumbleweed:dnsmasq-utils-2.76-1.3.ppc64le",
"openSUSE Tumbleweed:dnsmasq-utils-2.76-1.3.s390x",
"openSUSE Tumbleweed:dnsmasq-utils-2.76-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-3294"
},
{
"cve": "CVE-2015-8899",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8899"
}
],
"notes": [
{
"category": "general",
"text": "Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:dnsmasq-2.76-1.3.aarch64",
"openSUSE Tumbleweed:dnsmasq-2.76-1.3.ppc64le",
"openSUSE Tumbleweed:dnsmasq-2.76-1.3.s390x",
"openSUSE Tumbleweed:dnsmasq-2.76-1.3.x86_64",
"openSUSE Tumbleweed:dnsmasq-utils-2.76-1.3.aarch64",
"openSUSE Tumbleweed:dnsmasq-utils-2.76-1.3.ppc64le",
"openSUSE Tumbleweed:dnsmasq-utils-2.76-1.3.s390x",
"openSUSE Tumbleweed:dnsmasq-utils-2.76-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8899",
"url": "https://www.suse.com/security/cve/CVE-2015-8899"
},
{
"category": "external",
"summary": "SUSE Bug 983273 for CVE-2015-8899",
"url": "https://bugzilla.suse.com/983273"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:dnsmasq-2.76-1.3.aarch64",
"openSUSE Tumbleweed:dnsmasq-2.76-1.3.ppc64le",
"openSUSE Tumbleweed:dnsmasq-2.76-1.3.s390x",
"openSUSE Tumbleweed:dnsmasq-2.76-1.3.x86_64",
"openSUSE Tumbleweed:dnsmasq-utils-2.76-1.3.aarch64",
"openSUSE Tumbleweed:dnsmasq-utils-2.76-1.3.ppc64le",
"openSUSE Tumbleweed:dnsmasq-utils-2.76-1.3.s390x",
"openSUSE Tumbleweed:dnsmasq-utils-2.76-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:dnsmasq-2.76-1.3.aarch64",
"openSUSE Tumbleweed:dnsmasq-2.76-1.3.ppc64le",
"openSUSE Tumbleweed:dnsmasq-2.76-1.3.s390x",
"openSUSE Tumbleweed:dnsmasq-2.76-1.3.x86_64",
"openSUSE Tumbleweed:dnsmasq-utils-2.76-1.3.aarch64",
"openSUSE Tumbleweed:dnsmasq-utils-2.76-1.3.ppc64le",
"openSUSE Tumbleweed:dnsmasq-utils-2.76-1.3.s390x",
"openSUSE Tumbleweed:dnsmasq-utils-2.76-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-8899"
}
]
}
ghsa-68qg-cgxp-wxcf
Vulnerability from github
Published
2022-05-14 02:48
Modified
2025-04-12 12:47
VLAI Severity ?
Details
The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.
{
"affected": [],
"aliases": [
"CVE-2015-3294"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2015-05-08T14:59:00Z",
"severity": "MODERATE"
},
"details": "The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.",
"id": "GHSA-68qg-cgxp-wxcf",
"modified": "2025-04-12T12:47:39Z",
"published": "2022-05-14T02:48:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3294"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201512-01"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00013.html"
},
{
"type": "WEB",
"url": "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009382.html"
},
{
"type": "WEB",
"url": "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009387.html"
},
{
"type": "WEB",
"url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=ad4a8ff7d9097008d7623df8543df435bfddeac8"
},
{
"type": "WEB",
"url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=ad4a8ff7d9097008d7623df8543df435bfddeac8"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2015/dsa-3251"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/535354/100/1100/threaded"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/74452"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1032195"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/USN-2593-1"
}
],
"schema_version": "1.4.0",
"severity": []
}
gsd-2015-3294
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2015-3294",
"description": "The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.",
"id": "GSD-2015-3294",
"references": [
"https://www.suse.com/security/cve/CVE-2015-3294.html",
"https://www.debian.org/security/2015/dsa-3251",
"https://ubuntu.com/security/CVE-2015-3294",
"https://advisories.mageia.org/CVE-2015-3294.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2015-3294"
],
"details": "The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.",
"id": "GSD-2015-3294",
"modified": "2023-12-13T01:20:07.502748Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3294",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-3251",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3251"
},
{
"name": "[Dnsmasq-discuss] 20150407 dnsmsaq potential vulnerability",
"refsource": "MLIST",
"url": "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009382.html"
},
{
"name": "openSUSE-SU-2015:0857",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00013.html"
},
{
"name": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=ad4a8ff7d9097008d7623df8543df435bfddeac8",
"refsource": "CONFIRM",
"url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=ad4a8ff7d9097008d7623df8543df435bfddeac8"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"name": "USN-2593-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2593-1"
},
{
"name": "GLSA-201512-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201512-01"
},
{
"name": "[Dnsmasq-discuss] 20150407 dnsmsaq potential vulnerability",
"refsource": "MLIST",
"url": "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009387.html"
},
{
"name": "1032195",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032195"
},
{
"name": "74452",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74452"
},
{
"name": "20150423 Dnsmasq 2.72 Unchecked returned value",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/535354/100/1100/threaded"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:thekelleys:dnsmasq:*:rc3:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.73",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3294"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-19"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=ad4a8ff7d9097008d7623df8543df435bfddeac8",
"refsource": "CONFIRM",
"tags": [
"Patch"
],
"url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=ad4a8ff7d9097008d7623df8543df435bfddeac8"
},
{
"name": "DSA-3251",
"refsource": "DEBIAN",
"tags": [
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3251"
},
{
"name": "[Dnsmasq-discuss] 20150407 dnsmsaq potential vulnerability",
"refsource": "MLIST",
"tags": [
"Exploit"
],
"url": "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009382.html"
},
{
"name": "USN-2593-1",
"refsource": "UBUNTU",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2593-1"
},
{
"name": "[Dnsmasq-discuss] 20150407 dnsmsaq potential vulnerability",
"refsource": "MLIST",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009387.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"name": "GLSA-201512-01",
"refsource": "GENTOO",
"tags": [],
"url": "https://security.gentoo.org/glsa/201512-01"
},
{
"name": "1032195",
"refsource": "SECTRACK",
"tags": [],
"url": "http://www.securitytracker.com/id/1032195"
},
{
"name": "74452",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/74452"
},
{
"name": "openSUSE-SU-2015:0857",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00013.html"
},
{
"name": "20150423 Dnsmasq 2.72 Unchecked returned value",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://www.securityfocus.com/archive/1/535354/100/1100/threaded"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2018-10-09T19:56Z",
"publishedDate": "2015-05-08T14:59Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…