Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_name": "dnsmasq", "binary_version": "2.68-1ubuntu0.2" }, { "binary_name": "dnsmasq-base", "binary_version": "2.68-1ubuntu0.2" }, { "binary_name": "dnsmasq-utils", "binary_version": "2.68-1ubuntu0.2" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_name": "dnsmasq", "binary_version": "2.75-1ubuntu0.16.04.3" }, { "binary_name": "dnsmasq-base", "binary_version": "2.75-1ubuntu0.16.04.3" }, { "binary_name": "dnsmasq-utils", "binary_version": "2.75-1ubuntu0.16.04.3" } ] }