CVE-2019-14513
published 2019-08-01CVE-2019-14513: Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the…
PriorityP338high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
1.70%
74.4th percentile
Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a different vulnerability than CVE-2017-14491.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | dnsmasq | < dnsmasq 2.76-1 (bookworm) | dnsmasq 2.76-1 (bookworm) |
| thekelleys | dnsmasq | < 2.76 | 2.76 |
| thekelleys | dnsmasq | >= 0 < 2.76-1 | 2.76-1 |
| thekelleys | dnsmasq | >= 0 < 2.76-1 | 2.76-1 |
| thekelleys | dnsmasq | >= 0 < 2.76-1 | 2.76-1 |
| thekelleys | dnsmasq | >= 0 < 2.76-1 | 2.76-1 |
| thekelleys | dnsmasq | >= 0 < 2.75-1ubuntu0.16.04.10 | 2.75-1ubuntu0.16.04.10 |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv9.8CRITICAL
vendor_debian9.8CRITICAL
vendor_redhat9.8CRITICAL
vendor_ubuntu7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
Dnsmasq vulnerabilities
vendor_ubuntu·2021-04-22·CVSS 7.5
CVE-2019-14513 [HIGH] Dnsmasq vulnerabilities
Title: Dnsmasq vulnerabilities
Summary: Several security issues were fixed in Dnsmasq.
It was discovered that Dnsmasq incorrectly handled certain wildcard
synthesized NSEC records. A remote attacker could possibly use this issue
to prove the non-existence of hostnames that actually exist.
(CVE-2017-15107)
It was discovered that Dnsmasq incorrectly handled certain large DNS
packets. A remote attacker could possibly use this issue to cause Dnsmasq
to crash, resulting in a denial of service. (CVE-2019-14513)
Instructions: After a standard system update you need to reboot your computer to make all
the necessary changes.
Red Hat
dnsmasq: Improper bounds checking leads to a buffer overread
vendor_redhat·2019-08-09·CVSS 9.8
CVE-2019-14513 [CRITICAL] CWE-119 dnsmasq: Improper bounds checking leads to a buffer overread
dnsmasq: Improper bounds checking leads to a buffer overread
Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a different vulnerability than CVE-2017-14491.
Statement: This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, 7, and 8.
In Red Hat OpenStack Platform, which currently supports Red Hat Enterprise Linux 7.7, the dnsmasq package is pulled directly from the rhel-7-server-rpms channel. Red Hat OpenStack Platform is therefore unaffected, but please ensure that the underlying Red Hat Enterprise Linux dnsmasq package is current.
Package: dnsmasq (Red Hat Enterprise Linux 5) - Not affected
Package: dns
Debian
CVE-2019-14513: dnsmasq - Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DN...
vendor_debian·2019·CVSS 9.8
CVE-2019-14513 [CRITICAL] CVE-2019-14513: dnsmasq - Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DN...
Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a different vulnerability than CVE-2017-14491.
Scope: local
bookworm: resolved (fixed in 2.76-1)
bullseye: resolved (fixed in 2.76-1)
forky: resolved (fixed in 2.76-1)
sid: resolved (fixed in 2.76-1)
trixie: resolved (fixed in 2.76-1)
GHSA
GHSA-8x2j-2xxw-g7h5: Improper bounds checking in Dnsmasq before 2
ghsa_unreviewed·2022-05-24·CVSS 9.8
CVE-2019-14513 [CRITICAL] CWE-125 GHSA-8x2j-2xxw-g7h5: Improper bounds checking in Dnsmasq before 2
Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a different vulnerability than CVE-2017-14491.
OSV
dnsmasq vulnerabilities
osv·2021-04-22·CVSS 7.5
CVE-2017-15107 [HIGH] dnsmasq vulnerabilities
dnsmasq vulnerabilities
It was discovered that Dnsmasq incorrectly handled certain wildcard
synthesized NSEC records. A remote attacker could possibly use this issue
to prove the non-existence of hostnames that actually exist.
(CVE-2017-15107)
It was discovered that Dnsmasq incorrectly handled certain large DNS
packets. A remote attacker could possibly use this issue to cause Dnsmasq
to crash, resulting in a denial of service. (CVE-2019-14513)
OSV
CVE-2019-14513: Improper bounds checking in Dnsmasq before 2
osv·2019-08-01·CVSS 9.8
CVE-2019-14513 [CRITICAL] CVE-2019-14513: Improper bounds checking in Dnsmasq before 2
Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a different vulnerability than CVE-2017-14491.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2019-14513 dnsmasq: Improper bounds checking leads to a buffer overread
bugzilla·2019-08-09·CVSS 9.8
CVE-2019-14513 [CRITICAL] CVE-2019-14513 dnsmasq: Improper bounds checking leads to a buffer overread
CVE-2019-14513 dnsmasq: Improper bounds checking leads to a buffer overread
Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a different vulnerability than CVE-2017-14491.
Upstream Issue:
https://github.com/Slovejoy/dnsmasq-pre2.76
Discussion:
This commit fixes the problem for me:
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=d3a8b39c7df2f0debf3b5f274a1c37a9e261f94e
---
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
https://access.redhat.com/security/cve/cve-2019-14513
---
Statement:
This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise L
arXiv
One Bad Apple Spoils the Barrel: Understanding the Security Risks Introduced by Third-Party Components in IoT Firmware
arxiv_fulltext·2022-12-29
One Bad Apple Spoils the Barrel: Understanding the Security Risks Introduced by Third-Party Components in IoT Firmware
One Bad Apple Spoils the Barrel: Understanding the Security Risks Introduced by Third-Party Components in IoT Firmware
## Abstract
Currently, the development of IoT firmware heavily depends on third-party components (TPCs) to improve development efficiency. Nevertheless, TPCs are not secure, and the vulnerabilities in TPCs will influence the security of IoT firmware. Existing works pay less attention to the vulnerabilities caused by TPCs, and we still lack a comprehensive understanding of the security impact of TPC vulnerability against firmware. To fill in the knowledge gap, we design and implement , which leverages syntactical features and control-flow graph features to detect the TPCs in firmware, and then recognizes the corresponding vulnerabilities. Based on , we present the first l
2019-08-01
Published