cpe:/a:thekelleys:dnsmasq:2.77 cpe:/o:canonical:ubuntu_linux:14.04::~~lts~~~ cpe:/o:canonical:ubuntu_linux:16.04::~~lts~~~ cpe:/o:canonical:ubuntu_linux:17.04 cpe:/o:debian:debian_linux:7.0 cpe:/o:debian:debian_linux:7.1 cpe:/o:debian:debian_linux:9.0 cpe:/o:fedoraproject:fedora:27 cpe:/o:novell:leap:42.2 cpe:/o:novell:leap:42.3 cpe:/o:redhat:enterprise_linux_desktop:7.0 cpe:/o:redhat:enterprise_linux_server:7.0 cpe:/o:redhat:enterprise_linux_workstation:7.0 CVE-2017-13704 2017-10-02T21:29:01.637-04:00 2018-05-10T21:29:03.123-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BID 101085 BID 101977 SECTRACK 1039474 FEDORA FEDORA-2017-274d763ed8 MLIST [dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78. MLIST [dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION. CONFIRM http://thekelleys.org.uk/dnsmasq/CHANGELOG CONFIRM http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=63437ffbb58837b214b4b92cb1c54bc5f3279928 CONFIRM https://access.redhat.com/security/vulnerabilities/3199382 CONFIRM https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf MISC https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html CONFIRM https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.