Bug 1060355 (CVE-2017-14492)

Summary: VUL-0: CVE-2017-14492: dnsmasq: heap based overflow
Product: [Novell Products] SUSE Security Incidents
Reporter: Victor Pereira <vpereira>
Component: Incidents
Assignee: Security Team bot <security-team>
Status: RESOLVED FIXED
QA Contact: Security Team bot <security-team>
Severity: Major
Priority: P3 - Medium
CC: astieger, emu, meissner, peter.simons, smash_bz
Version: unspecified
Target Milestone: ---
Hardware: Other
OS: Other
URL: https://smash.suse.de/issue/192503/
Whiteboard: CVSSv3:SUSE:CVE-2017-14492:5.4:(AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L) CVSSv2:SUSE:CVE-2017-14492:4.8:(AV:A/AC:L/Au:N/C:N/I:P/A:P) CVSSv2:RedHat:CVE-2017-14492:8.3:(AV:A/AC:L/Au:N/C:C/I:C/A:C) CVSSv3:RedHat:CVE-2017-14492:8.8:(AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Description Victor Pereira 2017-09-26 06:33:59 UTC
CVE-2017-14492

Greetings,

CERT/CC has been notified by Google of a number of vulnerabilities affecting dnsmasq.
Please note that you may have already received a notification of these vulnerabilities from another source.
CERT/CC is tracking this report as VU#973527. Please retain VU#973527 in the subject line of any email sent to CERT/CC regarding this report.

Google has identified 6 vulnerabilities affecting the latest bits at Dnsmasq git server. They have a proposed release date of October 2nd 2017, 6 am PST. This information should be under embargo until public release at that time.
These vulnerabilities can be triggered remotely via DNS and DHCP protocols and it is believed some of them are highly exploitable. The following 6 CVEs have been assigned to these vulnerabilities.


References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14492

Comment 5 Swamp Workflow Management 2017-10-02 19:07:44 UTC
SUSE-SU-2017:2616-1: An update that solves 8 vulnerabilities and has three fixes is now available.

Category: security (important)
Bug References: 1035227,1060354,1060355,1060360,1060361,1060362,1060364,902511,904537,908137,972164
CVE References: CVE-2015-3294,CVE-2015-8899,CVE-2017-14491,CVE-2017-14492,CVE-2017-14493,CVE-2017-14494,CVE-2017-14495,CVE-2017-14496
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src):    dnsmasq-2.78-6.6.1

Comment 6 Swamp Workflow Management 2017-10-02 19:09:34 UTC
SUSE-SU-2017:2617-1: An update that fixes 8 vulnerabilities is now available.

Category: security (important)
Bug References: 1060354,1060355,1060360,1060361,1060362,1060364
CVE References: CVE-2015-3294,CVE-2015-8899,CVE-2017-14491,CVE-2017-14492,CVE-2017-14493,CVE-2017-14494,CVE-2017-14495,CVE-2017-14496
Sources used:
SUSE Linux Enterprise Server 11-SP3-LTSS (src):    dnsmasq-2.78-0.16.5.1
SUSE Linux Enterprise Point of Sale 11-SP3 (src):    dnsmasq-2.78-0.16.5.1
SUSE Linux Enterprise Debuginfo 11-SP3 (src):    dnsmasq-2.78-0.16.5.1

Comment 7 Swamp Workflow Management 2017-10-02 19:10:41 UTC
SUSE-SU-2017:2618-1: An update that fixes 6 vulnerabilities is now available.

Category: security (important)
Bug References: 1060354,1060355,1060360,1060361,1060362,1060364
CVE References: CVE-2017-14491,CVE-2017-14492,CVE-2017-14493,CVE-2017-14494,CVE-2017-14495,CVE-2017-14496
Sources used:
SUSE OpenStack Cloud 7 (src):    dnsmasq-2.78-18.3.1
SUSE OpenStack Cloud 6 (src):    dnsmasq-2.78-18.3.1
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    dnsmasq-2.78-18.3.1
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src):    dnsmasq-2.78-18.3.1
SUSE Linux Enterprise Server 12-SP3 (src):    dnsmasq-2.78-18.3.1
SUSE Linux Enterprise Server 12-SP2 (src):    dnsmasq-2.78-18.3.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    dnsmasq-2.78-18.3.1
SUSE Linux Enterprise Desktop 12-SP3 (src):    dnsmasq-2.78-18.3.1
SUSE Linux Enterprise Desktop 12-SP2 (src):    dnsmasq-2.78-18.3.1

Comment 8 Swamp Workflow Management 2017-10-02 19:11:46 UTC
SUSE-SU-2017:2619-1: An update that fixes 8 vulnerabilities is now available.

Category: security (important)
Bug References: 1060354,1060355,1060360,1060361,1060362,1060364
CVE References: CVE-2015-3294,CVE-2015-8899,CVE-2017-14491,CVE-2017-14492,CVE-2017-14493,CVE-2017-14494,CVE-2017-14495,CVE-2017-14496
Sources used:
SUSE Linux Enterprise Server 11-SP4 (src):    dnsmasq-2.78-0.17.5.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    dnsmasq-2.78-0.17.5.1

Comment 10 Swamp Workflow Management 2017-10-03 01:07:31 UTC
openSUSE-SU-2017:2633-1: An update that fixes 6 vulnerabilities is now available.

Category: security (important)
Bug References: 1060354,1060355,1060360,1060361,1060362,1060364
CVE References: CVE-2017-14491,CVE-2017-14492,CVE-2017-14493,CVE-2017-14494,CVE-2017-14495,CVE-2017-14496
Sources used:
openSUSE Leap 42.3 (src):    dnsmasq-2.78-13.1
openSUSE Leap 42.2 (src):    dnsmasq-2.78-10.6.1

Comment 11 Bernhard Wiedemann 2017-12-04 14:10:09 UTC
This is an autogenerated message for OBS integration:
This bug (1060355) was mentioned in
https://build.opensuse.org/request/show/548087 Factory / dnsmasq