CVE-2019-14834

Published: August 31, 2023Last modified: August 31, 2023

Description

A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers to cause a denial of service (memory consumption) via vectors involving DHCP response creation.

Severity score breakdown

Parameter	Value
Base score	3.7
Attack Vector	NETWORK
Attack complexity	HIGH
Privileges required	NONE
User interaction	NONE
Scope	UNCHANGED
Confidentiality	NONE
Integrity impact	NONE
Availability impact	LOW
Vector	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Status

Product	Release	Package	Status
Alpaquita Linux	23 LTS	dnsmasq	Not affected (2.87-r2)
Alpaquita Linux	Stream	dnsmasq	Not affected (2.89-r6)

References

http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=69bc94779c2f035a9fffdb5327a54c3aeca73ed5
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14834
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JU474LT66BHNVFG5C4GEV3VTZNAEJ3BS/