GLSA-201512-01 : Dnsmasq: Denial of Service
Medium Nessus Plugin ID 87484
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-201512-01 (Dnsmasq: Denial of Service)
An out-of-bounds read vulnerability has been found in the tcp_request function in Dnsmasq.
A remote attacker could send a specially crafted DNS request, possibly resulting in a Denial of Service condition.
There is no known workaround at this time.
SolutionAll Dnsmasq users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=net-dns/dnsmasq-2.72-r2'