[Dnsmasq-discuss] reproducible segmentation fault
Kevin Darbyshire-Bryant
kevin at darbyshire-bryant.me.uk
Mon Aug 28 10:02:11 BST 2017
On 28/08/17 09:27, Juan Manuel Fernandez wrote:
> Hi,
>
> Last weeks we were fuzzing dnsmasq and found this crash
> (https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11597.html
> <https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11597.html>) .
> We tried to reach Simon on Friday but we have not had any response from
> him. We asked mitre for a CVE id and were assigned CVE-2017-13704.
Be aware that it's a bank holiday Monday here in the UK which means it's
popular time to go away for a week or so with family/friends. This may
explain the lack of response so far.
Good that a CVE is assigned. Even better you've got some example
packets that induce the issue :-)
> In our original mail to Simon we attached two packets as examples: one
> that crash the application, and another where the memset is set to a
> lenght of 0 (making it useless).
>
> Regards,
> Juan Manuel Fernandez
> Tarlogic
Cheers,
Kevin
More information about the Dnsmasq-discuss
mailing list