Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the –add-mac, –add-cpe-id or –add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.
The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Enterprise_linux_desktop | Redhat | 7.0 | 7.0 |
Android | 7.1.2 | 7.1.2 | |
Enterprise_linux_workstation | Redhat | 7.0 | 7.0 |
Android | 5.0.2 | 5.0.2 | |
Enterprise_linux_server | Redhat | 7.0 | 7.0 |
Android | 6.0.1 | 6.0.1 | |
Android | 6.0 | 6.0 | |
Debian_linux | Debian | 7.1 | 7.1 |
Leap | Novell | 42.2 | 42.2 |
Android | 4.4.4 | 4.4.4 | |
Debian_linux | Debian | 7.0 | 7.0 |
Android | 7.0 | 7.0 | |
Ubuntu_linux | Canonical | 16.04 | 16.04 |
Ubuntu_linux | Canonical | 14.04 | 14.04 |
Android | 8.0 | 8.0 | |
Android | 5.1.1 | 5.1.1 | |
Ubuntu_linux | Canonical | 17.04 | 17.04 |
Debian_linux | Debian | 9.0 | 9.0 |
Android | 7.1.1 | 7.1.1 | |
Leap | Novell | 42.3 | 42.3 |