[Dnsmasq-discuss] CVE-2017-14495 PoC causes high CPU usage and denial of service against dnsmasq v2.79
Matthias Andree
matthias.andree at gmx.de
Tue Oct 9 17:16:34 BST 2018
Am 08.10.18 um 03:58 schrieb Mouath Ibrahim:
> Hello,
>
> I ran the PoC supplied by Google research team found here: https://github.com/
> google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/
> CVE-2017-14495.py
>
> and noticed immediately that dnsmasq process uses up 100% CPU usage and stops
> responding to queries short after based on the original CVE the effect was
> high memory usage but in this cause it was not.
>
> note dnsmasq didn't have any of these options set "--add-mac, --add-cpe-id or
> --add-subnet".
Can't reproduce on 2.79 with add-subnet=24,96 in the conf file. While
the attack is ongoing, dnsmasq is slow to respond (seconds), but returns
to normal once I terminate the .py script. I don't see a denial of service.
More information about the Dnsmasq-discuss
mailing list