N/A

A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to cause a buffer overflow with arbitrary data in a heap memory segment, possibly executing code on the machine. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

N/A

堆缓冲区溢出

Dnsmasq 缓冲区错误漏洞

Dnsmasq是一款使用C语言编写的轻量级DNS转发和DHCP、TFTP服务器。 Dnsmasq 存在缓冲区错误漏洞，该漏洞源于dnsmasq中的基于堆的缓冲区溢出，在未经请求的DNS响应中使用DNSSEC数据验证rrset之前，对rrset进行排序。

N/A

N/A