CVE-2017-15107

A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. Wildcard synthesized NSEC records could be improperly interpreted to prove the non-existence of hostnames that actually exist.

References

Affected packages

Git / github.com/infrastructureservices/dnsmasq

Affected ranges

Type: GIT
Repo: https://github.com/infrastructureservices/dnsmasq
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

30df7efc9654b080f763b78c2078ae13b51019c7

Affected versions

v2.*

v2.0

v2.1

v2.10

v2.11

v2.12

v2.13

v2.14

v2.15

v2.16

v2.17

v2.18

v2.19

v2.2

v2.20

v2.21

v2.22

v2.23

v2.24

v2.25

v2.26

v2.27

v2.28

v2.29

v2.3

v2.30

v2.31

v2.32

v2.33

v2.34

v2.35

v2.36

v2.37

v2.38

v2.39

v2.4

v2.40

v2.41

v2.42

v2.43

v2.44

v2.45

v2.46

v2.47

v2.48

v2.49

v2.5

v2.50

v2.51

v2.52

v2.53

v2.55

v2.56

v2.57

v2.58

v2.59

v2.6

v2.60

v2.60rc1

v2.60rc2

v2.60rc3

v2.60rc4

v2.60rc5

v2.60test10

v2.60test11

v2.60test12

v2.60test13

v2.60test14

v2.60test15

v2.60test16

v2.60test17

v2.60test18

v2.60test7

v2.60test8

v2.60test9

v2.61

v2.61rc1

v2.61rc2

v2.61rc3

v2.61rc4

v2.61test10

v2.61test11

v2.61test2

v2.61test3

v2.61test4

v2.61test5

v2.61test6

v2.61test7

v2.61test8

v2.61test9

v2.62

v2.62rc1

v2.62rc2

v2.62rc3

v2.62test1

v2.62test2

v2.62test3

v2.62test4

v2.63

v2.63rc1

v2.63rc2

v2.63rc3

v2.63rc4

v2.63rc5

v2.63rc6

v2.63test1

v2.63test2

v2.63test3

v2.64

v2.64rc1

v2.64rc2

v2.64rc3

v2.64test1

v2.64test2

v2.64test3

v2.64test4

v2.64test5

v2.64test6

v2.64test7

v2.65test1

v2.65test2

v2.65test3

v2.65test4

v2.66

v2.66rc1

v2.66rc2

v2.66rc3

v2.66rc4

v2.66rc5

v2.66test1

v2.66test10

v2.66test11

v2.66test12

v2.66test13

v2.66test14

v2.66test15

v2.66test16

v2.66test17

v2.66test18

v2.66test19

v2.66test2

v2.66test20

v2.66test21

v2.66test22

v2.66test23

v2.66test3

v2.66test4

v2.66test5

v2.66test6

v2.66test7

v2.66test8

v2.66test9

v2.67

v2.67rc1

v2.67rc2

v2.67rc3

v2.67rc4

v2.67test1

v2.67test10

v2.67test11

v2.67test12

v2.67test13

v2.67test14

v2.67test15

v2.67test16

v2.67test17

v2.67test18

v2.67test2

v2.67test3

v2.67test4

v2.67test5

v2.67test6

v2.67test7

v2.67test8

v2.67test9

v2.68

v2.68rc1

v2.68rc2

v2.68rc3

v2.68rc4

v2.68rc5

v2.68test1

v2.68test2

v2.69

v2.69rc1

v2.69rc2

v2.69rc3

v2.69rc4

v2.69test1

v2.69test10

v2.69test11

v2.69test2

v2.69test3

v2.69test4

v2.69test5

v2.69test6

v2.69test7

v2.69test8

v2.69test9

v2.7

v2.70

v2.71

v2.71test1

v2.71test2

v2.72

v2.72rc1

v2.72rc2

v2.72test1

v2.72test2

v2.72test3

v2.73

v2.73rc1

v2.73rc10

v2.73rc2

v2.73rc3

v2.73rc4

v2.73rc5

v2.73rc6

v2.73rc7

v2.73rc8

v2.73rc9

v2.73test1

v2.73test2

v2.73test3

v2.73test4

v2.73test5

v2.73test6

v2.74

v2.74rc1

v2.74rc2

v2.74rc3

v2.74rc4

v2.74test1

v2.74test2

v2.75

v2.76

v2.76rc1

v2.76rc2

v2.76test1

v2.76test10

v2.76test11

v2.76test12

v2.76test13

v2.76test2

v2.76test3

v2.76test4

v2.76test5

v2.76test6

v2.76test7

v2.76test8

v2.76test9

v2.77

v2.77rc1

v2.77rc2

v2.77rc3

v2.77rc4

v2.77rc5

v2.77test1

v2.77test2

v2.77test3

v2.77test4

v2.77test5

v2.78

v2.78test1

v2.78test2

v2.8

v2.9

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-15107.json"