CVE-2022-0934

Name
CVE-2022-0934
Description
A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq, potentially causing a denial of service.
NVD Severity
medium
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://bugzilla.redhat.com/show_bug.cgi?id=2057075
MISC https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016272.html
MISC https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=03345ecefeb0d82e3c3a4c28f27c3554f0611b39
MISC https://access.redhat.com/security/cve/CVE-2022-0934
Broken Link https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=03345ecefeb0d82e3c3a4c28f27c3554f0611b39

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:thekelleys:dnsmasq:-:*:*:*:*:*:*:* dnsmasq == None == -
cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:* dnsmasq >= None < 2.87

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
dnsmasq 3.16-main 2.86-r4 Natanael Copa <ncopa@alpinelinux.org> fixed
dnsmasq 3.15-main 2.86-r2 Natanael Copa <ncopa@alpinelinux.org> fixed