Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation.
{ "binaries": [ { "binary_name": "dnsmasq", "binary_version": "2.68-1ubuntu0.2" }, { "binary_name": "dnsmasq-base", "binary_version": "2.68-1ubuntu0.2" }, { "binary_name": "dnsmasq-utils", "binary_version": "2.68-1ubuntu0.2" } ], "ubuntu_priority": "medium", "availability": "No subscription required" }
{ "binaries": [ { "binary_name": "dnsmasq", "binary_version": "2.75-1ubuntu0.16.04.3" }, { "binary_name": "dnsmasq-base", "binary_version": "2.75-1ubuntu0.16.04.3" }, { "binary_name": "dnsmasq-utils", "binary_version": "2.75-1ubuntu0.16.04.3" } ], "ubuntu_priority": "medium", "availability": "No subscription required" }