OSV-2022-312

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/dnsmasq/OSV-2022-312.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2022-312
Published
2022-04-07T00:00:40.457052Z
Modified
2024-02-15T14:11:10.295753Z
Summary
Heap-buffer-overflow in dhcp_reply
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46416

Crash type: Heap-buffer-overflow READ 1 Crash state: dhcpreply dhcppacket FuzzDhcp

References

Affected packages

OSS-Fuzz / dnsmasq

Package

Name
dnsmasq
Purl
pkg:generic/dnsmasq

Affected ranges

Type
GIT
Repo
git://thekelleys.org.uk/dnsmasq.git
Events
Introduced
03345ecefeb0d82e3c3a4c28f27c3554f0611b39

Affected versions

v2.*

v2.87
v2.87rc1
v2.87test9
v2.88
v2.88rc1
v2.88rc2
v2.88rc3
v2.88rc4
v2.88rc5
v2.88test1
v2.88test2
v2.88test3
v2.89
v2.89test1
v2.90
v2.90deb2
v2.90test1
v2.90test2
v2.90test3
v2.90test4

Ecosystem specific 

{
    "severity": "MEDIUM"
}