[Dnsmasq-discuss] [PATCH] Heap use after free in dhcp6_no_relay (CVE-2022-0934)

Petr Menšík pemensik at redhat.com
Thu Mar 31 19:04:45 UTC 2022


A possible vulnerability was found in the latest dnsmasq. It was found with
the help of Google's oss-fuzz project by me and shortly after that independently
also by Richard Johnson of Trellix Threat Labs.

It is affected only by DHCPv6 requests, which could be crafted to modify
already freed memory. Red Hat security assigned this vulnerability
CVE-2022-0934. Previous versions are also affected, including 2.85, 2.79
and 2.76. The correction is relatively simple; I am attaching my proposal to
fix this issue. Simon will probably use his own commit in the upcoming
version to fix this issue soon in the git repository. We think it might be
triggered remotely, but we do not think it could be used to execute
remote code.

Best Regards,

Petr Menšík

-- 
Petr Menšík
Software Engineer
Red Hat, http://www.redhat.com/
email: pemensik at redhat.com
PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Change-message-type-by-dedicated-function.patch
Type: text/x-patch
Size: 6015 bytes
Desc: not available
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20220331/b41f93d2/attachment-0001.bin>
