OSV-2022-572

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/dnsmasq/OSV-2022-572.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2022-572
Published
2022-07-12T00:00:45.818288Z
Modified
2024-02-15T14:11:23.253482Z
Summary
Heap-buffer-overflow in dhcp_reply
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=49002

Crash type: Heap-buffer-overflow READ 1
Crash state:
dhcp_reply
dhcp_packet
FuzzDhcp
References

Affected packages

OSS-Fuzz / dnsmasq

Package

Name
dnsmasq
Purl
pkg:generic/dnsmasq

Affected ranges

Type
GIT
Repo
git://thekelleys.org.uk/dnsmasq.git
Events
Introduced
20b4a4ea5b19f3143add1342dde74a0be2b30a86
Introduced
151d7dc5eaabb38a2a7cb2ace72fe8860f4415ae

Affected versions

v2.*

v2.87
v2.87rc1
v2.87test9
v2.88
v2.88rc1
v2.88rc2
v2.88rc3
v2.88rc4
v2.88rc5
v2.88test1
v2.88test2
v2.88test3
v2.89
v2.89test1
v2.90
v2.90deb2
v2.90test1
v2.90test2
v2.90test3
v2.90test4

Ecosystem specific

{
    "severity": "MEDIUM"
}