Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2021-45956: oss-fuzz-vulns/OSV-2021-933.yaml at main · google/oss-fuzz-vulns

Dnsmasq 2.86 has a heap-based buffer overflow in print_mac (called from log_packet and dhcp_reply).

CVE
Open in Source
#mac#google#git

Permalink

Cannot retrieve contributors at this time

id: OSV-2021-933

summary: Heap-buffer-overflow in print_mac

details: |

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35887

Crash type: Heap-buffer-overflow WRITE 4

Crash state:

print_mac

log_packet

dhcp_reply

modified: ‘2021-10-09T00:07:27.426059Z’

published: ‘2021-07-08T00:01:26.369555Z’

references:

- type: REPORT

url: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35887

affected:

- package:

name: dnsmasq

ecosystem: OSS-Fuzz

ranges:

- type: GIT

repo: git://thekelleys.org.uk/dnsmasq.git

events:

- introduced: 96f6444958c29a670f4254722d787f328153605c

versions:

- v2.86

- v2.86rc1

- v2.86rc2

- v2.86rc3

- v2.86test5

- v2.86test6

- v2.86test7

- v2.87test1

- v2.87test2

- v2.87test3

- v2.87test4

ecosystem_specific:

severity: HIGH

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE