Heap-based buffer overflow in dnsmasq (Alpine package)
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2017-14491 |
| CWE-ID | CWE-122 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #1 is available. |
| Vulnerable software |
dnsmasq (Alpine package) Operating systems & Components / Operating system package or component |
| Vendor | Alpine Linux Development Team |
Security Bulletin
This security bulletin contains one high risk vulnerability.
1) Heap-based buffer overflow
EUVDB-ID: #VU8660
Risk: High
CVSSv4.0: 8.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]
CVE-ID: CVE-2017-14491
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to boundary error in dnsmasq.c file when processing DNS replies. A remote unauthenticated attacker can send specially crafted DNS packets to the affected service, trigger heap-based buffer overflow by 2 bytes and crash the service or execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsdnsmasq (Alpine package): 2.52-r0 - 2.76-r1
CPE2.3- cpe:2.3:o:alpine:dnsmasq_alpine_package:2.52-r0:*:*:*:*:alpine_linux:*:1.10
- cpe:2.3:o:alpine:dnsmasq_alpine_package:2.55-r0:*:*:*:*:alpine_linux:*:2.0
- cpe:2.3:o:alpine:dnsmasq_alpine_package:2.57-r0:*:*:*:*:alpine_linux:*:2.2
https://git.alpinelinux.org/aports/commit/?id=cc3d92312d674250637dad701c603e3fdfedfb4e
https://git.alpinelinux.org/aports/commit/?id=70e17b5cf82bae935c9371277ce3d632742f5488
https://git.alpinelinux.org/aports/commit/?id=3640e0ea2d3be8fc17d71b9faad5a0b8806d7f78
https://git.alpinelinux.org/aports/commit/?id=3afe33ad348010beb44371a68febd5f2f252299a
https://git.alpinelinux.org/aports/commit/?id=43dd2c9dbd748d5b095ba9eec3da18255d5bd158
https://git.alpinelinux.org/aports/commit/?id=e2b7176ff9d902f7e8837d4a7ef0d560c903fc35
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
