Vulnerability Description
A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers to cause a denial of service (memory consumption) via vectors involving DHCP response creation.
CVSS Score
3.7
LOW
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Thekelleys | Dnsmasq | < 2.81 |
| Fedoraproject | Fedora | 31 |
Related Weaknesses (CWE)
References
- http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=69bc94779c2f035a9f
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14834Issue TrackingPatchThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=69bc94779c2f035a9f
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14834Issue TrackingPatchThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
FAQ
What is CVE-2019-14834?
CVE-2019-14834 is a vulnerability with a CVSS score of 3.7 (LOW). A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers to cause a denial of service (memory consumption) via vectors involving DHCP response creation.
How severe is CVE-2019-14834?
CVE-2019-14834 has been rated LOW with a CVSS base score of 3.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-14834?
Check the references section above for vendor advisories and patch information. Affected products include: Thekelleys Dnsmasq, Fedoraproject Fedora.