[Dnsmasq-discuss] CVE-2017-14495 PoC causes high CPU usage and denial of service against dnsmasq v2.79

Kevin Darbyshire-Bryant kevin at darbyshire-bryant.me.uk
Mon Oct 8 08:24:59 BST 2018



> On 8 Oct 2018, at 02:58, Mouath Ibrahim <dnsmasq at mouath.com> wrote:
> 
> Hello,
> 
> I ran the PoC supplied by Google research team found here: https://github.com/
> google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/
> CVE-2017-14495.py
> 
> and noticed immediately that dnsmasq process uses up 100% CPU usage and stops 
> responding to queries short after based on the original CVE the effect was 
> high memory usage but in this cause it was not.
> 
> note dnsmasq didn't have any of these options set "--add-mac, --add-cpe-id or 
> --add-subnet".
> 
> Regards,
> Mouath Ibrahim

I am unable to reproduce.  Against which version/s of dnsmasq did you try?


Cheers,

Kevin D-B

012C ACB2 28C6 C53E 9775  9123 B3A2 389B 9DE2 334A




More information about the Dnsmasq-discuss mailing list