dnsmasq: Multiple Critical and Important vulnerabilities

Solution In Progress - Updated -

Environment

The following Red Hat product versions are impacted:
- Red Hat Enterprise Linux 5
- Red Hat Enterprise Linux 6
- Red Hat Enterprise Linux 7

Issue

Red Hat Product Security has been made aware of several vulnerabilities affecting dnsmasq. Three of these vulnerabilities (CVE-2017-14491, CVE-2017-14492, and CVE-2017-14493) have been rated as Critical, while the remaining four (CVE-2017-14494, CVE-2017-14495, CVE-2017-14496, and CVE-2017-13704) have been rated as Important. These issues were publicly disclosed on Monday, October 2nd, 2017.

Resolution

For further information, please refer to:
dnsmasq: Multiple Critical and Important vulnerabilities

Root Cause

A number of vulnerabilities were identified in dnsmasq that could potentially lead to a Denial of Service, arbitrary code execution, or information leaking.

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.

Comments