CVE-2021-45955

Name
CVE-2021-45955
Description
** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in resize_packet (called from FuzzResizePacket and fuzz_rfc1035.c) because of the lack of a proper bounds check upon pseudo header re-insertion. NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge." However, a contributor states that a security patch (mentioned in 016162.html) is needed.
NVD Severity
high
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://github.com/google/oss-fuzz-vulns/blob/main/vulns/dnsmasq/OSV-2021-932.yaml
MISC https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35898
Mailing List https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016164.html
Mailing List https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016162.html

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:thekelleys:dnsmasq:2.86:*:*:*:*:*:*:* dnsmasq == None == 2.86

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
dnsmasq edge-main 2.86-r2 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
dnsmasq 3.15-main 2.86-r1 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable