Arne Woerner

**Name of the Vulnerable Software and Affected Versions** dnsmasq versions prior to 2.78 **Description** The issue is related to insufficient size checking of DNS packets in the `memset()` function of the dnsmasq DNS server. This can be exploited by a remote attacker to cause a denial of service by sending specially crafted requests to port 53/udp. The exploitation leads to `dnsmasq` crashing due to an incorrect size parameter in a `memset` call, resulting in an attempt to write a large number of zeros. **Recommendations** For versions prior to 2.78, update to version 2.78 or later to resolve the issue. As a temporary workaround, consider restricting access to the DNS server to minimize the risk of exploitation.