摘要:
** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in resize_packet (called from FuzzResizePacket and fuzz_rfc1035.c) because of the lack of a proper bounds check upon pseudo header re-insertion. NOTE: the vendor s position is that CVE-2021-45951 through CVE-2021-45957 do not represent real vulnerabilities, to the best of our knowledge. However, a contributor states that a security patch (mentioned in 016162.html) is needed.
安全等级: Low
公告ID: KylinSec-SA-2022-1484
发布日期: 2022年5月28日
关联CVE: CVE-2021-45955
** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in resize_packet (called from FuzzResizePacket and fuzz_rfc1035.c) because of the lack of a proper bounds check upon pseudo header re-insertion. NOTE: the vendor s position is that CVE-2021-45951 through CVE-2021-45957 do not represent real vulnerabilities, to the best of our knowledge. However, a contributor states that a security patch (mentioned in 016162.html) is needed.
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2021-45955 | KY3.4-4A | dnsmasq | Unaffected |
| CVE-2021-45955 | KY3.4-5A | dnsmasq | Unaffected |
| CVE-2021-45955 | KY3.5.1 | dnsmasq | Unaffected |
