CVSS: 7.8EPSS: 29%CPEs: 21EXPL: 3CVE-2023-50387 – bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator
https://notcve.org/view.php?id=CVE-2023-50387
13 Feb 2024 — Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records. Ciertos aspectos DNSSEC del protocolo DNS (en RFC 4035 y RFC relacionados) permiten a ataca... • https://github.com/knqyf263/CVE-2023-50387 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28450 – dnsmasq: default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232
https://notcve.org/view.php?id=CVE-2023-28450
15 Mar 2023 — An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020. A flaw was found in Dnsmasq. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020. USN-6657-1 fixed several vulnerabilities in Dnsmasq. • https://capec.mitre.org/data/definitions/495.html • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-0934 – dnsmasq: Heap use after free in dhcp6_no_relay
https://notcve.org/view.php?id=CVE-2022-0934
11 May 2022 — A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq, potentially causing a denial of service. En dnsmasq ha sido encontrado un fallo de escritura/uso de memoria previamente liberada de un byte no arbitrario. Este fallo permite a un atacante que envíe un paquete diseñado procesado por dnsmasq, causando potencialmente una denegación de servicio OpenShift Virtualization is Red Hat's virtualization solution des... • https://access.redhat.com/security/cve/CVE-2022-0934 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-45951
https://notcve.org/view.php?id=CVE-2021-45951
31 Dec 2021 — Dnsmasq 2.86 has a heap-based buffer overflow in check_bad_address (called from check_for_bogus_wildcard and FuzzCheckForBogusWildcard). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge. ** EN DISPUTA ** Dnsmasq versión 2.86, presenta un desbordamiento de búfer en la región heap de la memoria en la función check_bad_address (llamado desde check_for_bogus_wildcard y FuzzCheckForBogusWildcard). NOTA: la posición del ... • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35868 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-45952
https://notcve.org/view.php?id=CVE-2021-45952
31 Dec 2021 — Dnsmasq 2.86 has a heap-based buffer overflow in dhcp_reply (called from dhcp_packet and FuzzDhcp). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge. ** EN DISPUTA ** Dnsmasq versión 2.86, presenta un desbordamiento de buffer en la región heap de la memoria en la función dhcp_reply (llamado desde dhcp_packet y FuzzDhcp). NOTA: la posición del proveedor es que CVE-2021-45951 a CVE-2021-45957 "no representan vulnerab... • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35870 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-45954
https://notcve.org/view.php?id=CVE-2021-45954
31 Dec 2021 — Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from answer_auth and FuzzAuth). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge. ** EN DISPUTA ** Dnsmasq versión 2.86 presenta un desbordamiento de buffer en la región heap de la memoria en la función extract_name (llamado desde answer_auth y FuzzAuth). NOTA: la posición del proveedor es que CVE-2021-45951 a CVE-2021-45957 "no representan vulne... • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35861 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-45955
https://notcve.org/view.php?id=CVE-2021-45955
31 Dec 2021 — Dnsmasq 2.86 has a heap-based buffer overflow in resize_packet (called from FuzzResizePacket and fuzz_rfc1035.c) because of the lack of a proper bounds check upon pseudo header re-insertion. NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge." However, a contributor states that a security patch (mentioned in 016162.html) is needed ** EN DISPUTA ** Dnsmasq versión 2.86 presenta un desbordamiento de buffer en la región... • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35898 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-45956
https://notcve.org/view.php?id=CVE-2021-45956
31 Dec 2021 — Dnsmasq 2.86 has a heap-based buffer overflow in print_mac (called from log_packet and dhcp_reply). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge. ** EN DISPUTA ** Dnsmasq versión 2.86 presenta un desbordamiento de buffer en la región heap de la memoria en la función print_mac (llamado desde log_packet y dhcp_reply). NOTA: la posición del proveedor es que CVE-2021-45951 a CVE-2021-45957 "no representan vulnerabi... • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35887 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-45957
https://notcve.org/view.php?id=CVE-2021-45957
31 Dec 2021 — Dnsmasq 2.86 has a heap-based buffer overflow in answer_request (called from FuzzAnswerTheRequest and fuzz_rfc1035.c). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge. ** EN DISPUTA ** Dnsmasq versión 2.86 presenta un desbordamiento de buffer en la región heap de la memoria en la función answer_request (llamado desde FuzzAnswerTheRequest y fuzz_rfc1035.c). NOTA: la posición del proveedor es que CVE-2021-45951 a CV... • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35920 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-45953
https://notcve.org/view.php?id=CVE-2021-45953
31 Dec 2021 — Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from hash_questions and fuzz_util.c). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge. ** EN DISPUTA ** Dnsmasq versión 2.86 presenta un desbordamiento de buffer en la región heap de la memoria en la función extract_name (llamado desde hash_questions y fuzz_util.c). NOTA: la posición del proveedor es que CVE-2021-45951 a CVE-2021-45957 "no repre... • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35858 • CWE-787: Out-of-bounds Write •