Memory Leak Vulnerability in dnsmasq Affects Remote Devices
CVE-2019-14834

3.7LOW

Key Information:

Vendor: The Dnsmasq Project
Status: Dnsmasq
Vendor: CVE Published:; 7 January 2020

🔔 Create The Dnsmasq Project Vulnerability Alert

What is CVE-2019-14834?

A memory leak vulnerability exists in dnsmasq versions prior to 2.81, allowing remote attackers to exploit this flaw to trigger excessive memory consumption. This can result in denial of service by degrading the performance or availability of systems utilizing the affected DHCP response creation process.

Affected Version(s)

dnsmasq before 2.81

References

https://lists.fedoraproject.org/archives/list/package-ann...

vendor-advisoryx_refsource_FEDORA

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14834

x_refsource_CONFIRM

http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit...

x_refsource_CONFIRM

CVSS V3.1

Score:

3.7

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

CVSS V3.0

Score:

3.7

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 7, 2020
Vulnerability Reserved
Aug 10, 2019

CVE-2019-14834 Data

JSON