Headline

CVE-2021-45951: oss-fuzz-vulns/OSV-2021-924.yaml at main · google/oss-fuzz-vulns

Dnsmasq 2.86 has a heap-based buffer overflow in check_bad_address (called from check_for_bogus_wildcard and FuzzCheckForBogusWildcard).

2 years ago

CVE

Open in Source

#google #git

Permalink

Cannot retrieve contributors at this time

id: OSV-2021-924

summary: Heap-buffer-overflow in check_bad_address

details: |

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35868

Crash type: Heap-buffer-overflow WRITE 1

Crash state:

check_bad_address

check_for_bogus_wildcard

FuzzCheckForBogusWildcard

modified: ‘2021-10-08T00:05:23.820623Z’

published: ‘2021-07-08T00:00:12.086205Z’

references:

- type: REPORT

url: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35868

affected:

- package:

name: dnsmasq

ecosystem: OSS-Fuzz

ranges:

- type: GIT

repo: git://thekelleys.org.uk/dnsmasq.git

events:

- introduced: 96f6444958c29a670f4254722d787f328153605c

versions:

- v2.86

- v2.86rc1

- v2.86rc2

- v2.86rc3

- v2.86test5

- v2.86test6

- v2.86test7

- v2.87test1

- v2.87test2

- v2.87test3

- v2.87test4

ecosystem_specific:

severity: HIGH

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

11 months ago

11 months ago

11 months ago

11 months ago

11 months ago