rpm package
suse/dnsmasq&distro=SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5
pkg:rpm/suse/dnsmasq&distro=SUSE%20Cloud%20Compute%20Node%20for%20SUSE%20Linux%20Enterprise%2012%205
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-8899 | Hig | 7.5 | < 2.71-6.3.1 | 2.71-6.3.1 | Jun 30, 2016 | Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally. | |
| CVE-2015-3294 | — | < 2.71-4.1 | 2.71-4.1 | May 8, 2015 | The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request. |
- affected < 2.71-6.3.1fixed 2.71-6.3.1
Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally.
- CVE-2015-3294May 8, 2015affected < 2.71-4.1fixed 2.71-4.1
The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.