vulnerability

Oracle Linux: CVE-2017-14494: ELSA-2017-2836: dnsmasq security update (CRITICAL) (Multiple Advisories)

Severity
6
CVSS
(AV:A/AC:L/Au:N/C:C/I:N/A:N)
Published
Oct 2, 2017
Added
Oct 2, 2017
Modified
Dec 18, 2024

Description

dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests.
An information leak was found in dnsmasq in the DHCPv6 relay code. An attacker on the local network could send crafted DHCPv6 packets to dnsmasq causing it to forward the contents of process memory, potentially leaking sensitive data.

Solution(s)

oracle-linux-upgrade-dnsmasqoracle-linux-upgrade-dnsmasq-utils
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.