what you don't know can hurt you
Showing 1 - 4 of 4 RSS Feed

CVE-2019-14834

Status Candidate

Overview

A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers to cause a denial of service (memory consumption) via vectors involving DHCP response creation.

Related Files

Ubuntu Security Notice USN-4698-2
Posted Feb 25, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4698-2 - USN-4698-1 fixed vulnerabilities in Dnsmasq. The updates introduced regressions in certain environments related to issues with multiple queries, and issues with retries. This update fixes the problem. Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled memory when sorting RRsets. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled extracting certain names. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly implemented address/port checks. A remote attacker could use this issue to perform a cache poisoning attack. Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly implemented query resource name checks. A remote attacker could use this issue to perform a cache poisoning attack. Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled multiple query requests for the same resource name. A remote attacker could use this issue to perform a cache poisoning attack. It was discovered that Dnsmasq incorrectly handled memory during DHCP response creation. A remote attacker could possibly use this issue to cause Dnsmasq to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-14834, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686
MD5 | d9480652e5dc691b11f3f1725a0b37f0
Ubuntu Security Notice USN-4698-1
Posted Jan 19, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4698-1 - Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled memory when sorting RRsets. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled extracting certain names. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-14834, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686
MD5 | 6a28aafbdc7142b8cedf9f08b7ed394c
Red Hat Security Advisory 2020-3878-01
Posted Sep 30, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3878-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Issues addressed include a memory leak vulnerability.

tags | advisory, memory leak
systems | linux, redhat
advisories | CVE-2019-14834
MD5 | 6d566a0f195c3306192d97a0be6bc6d6
Red Hat Security Advisory 2020-1715-01
Posted Apr 28, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1715-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Issues addressed include a memory leak vulnerability.

tags | advisory, memory leak
systems | linux, redhat
advisories | CVE-2019-14834
MD5 | bd90fba139c19ad15e1bfa5b43c8fdd7
Page 1 of 1
Back1Next

File Archive:

April 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    17 Files
  • 2
    Apr 2nd
    2 Files
  • 3
    Apr 3rd
    2 Files
  • 4
    Apr 4th
    0 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    15 Files
  • 7
    Apr 7th
    20 Files
  • 8
    Apr 8th
    16 Files
  • 9
    Apr 9th
    5 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    4 Files
  • 13
    Apr 13th
    15 Files
  • 14
    Apr 14th
    27 Files
  • 15
    Apr 15th
    19 Files
  • 16
    Apr 16th
    7 Files
  • 17
    Apr 17th
    1 Files
  • 18
    Apr 18th
    1 Files
  • 19
    Apr 19th
    19 Files
  • 20
    Apr 20th
    18 Files
  • 21
    Apr 21st
    30 Files
  • 22
    Apr 22nd
    18 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close