漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Dnsmasq: dnsmasq: out-of-bounds read in find_soa() due to missing extrabytes validation
Vulnerability Description
An out-of-bounds read vulnerability exists in dnsmasq's find_soa() function in src/rfc1035.c. When parsing NS section records, extract_name() is called with extrabytes=0, failing to validate that 10 additional bytes exist for fixed-length DNS record fields. A remote attacker controlling a DNS zone can exploit this via a crafted NXDOMAIN response to cause a 10-byte heap out-of-bounds read, potentially accessing stale data from prior transactions.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
跨界内存读
Vulnerability Title
dnsmasq 缓冲区错误漏洞
Vulnerability Description
dnsmasq是dnsmasq团队开源的一个轻量级DNS转发器。 dnsmasq存在缓冲区错误漏洞,该漏洞源于dnsmasq的src/rfc1035.c文件中find_soa()函数存在越界读取漏洞,当解析NS section记录时,extract_name()以extrabytes=0被调用,未验证固定长度DNS记录字段是否存在额外的10字节,远程攻击者通过控制DNS区域并利用特制NXDOMAIN响应可能导致10字节堆越界读取,从而访问先前事务的陈旧数据。
CVSS Information
N/A
Vulnerability Type
N/A