PT-2022-2741 · Dnsmasq+10 · Dnsmasq+10

Petr Menšík

Published

2022-02-22

Updated

2025-06-10

CVE-2022-0934

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions dnsmasq (affected versions not specified)

Description A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq, allowing an attacker to potentially cause a denial of service by sending a crafted packet processed by dnsmasq. The flaw is related to an error in memory usage after it has been freed, specifically in the processing of DHCPv6 requests. This can be exploited by a remote attacker to send specially crafted packets, causing a use-after-free error and resulting in a denial of service attack.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2022:7633

ALSA-2022:8070

ALT-PU-2022-2683

ALT-PU-2022-2830

ALT-PU-2022-3323

ALT-PU-2023-8012

AZL-25317

BDU:2022-03253

CESA-2022_7633

CVE-2022-0934

DLA-3974-1

MGASA-2022-0233

OESA-2022-1761

OPENSUSE-SU-2022_1307-1

OPENSUSE-SU-2024:11998-1

RHSA-2022:7633

RHSA-2022:8070

RHSA-2022_7633

RHSA-2022_8070

RHSA-2024:1545

RLSA-2022:7633

RLSA-2022:8070

SUSE-SU-2022:1288-1

SUSE-SU-2022:1289-1

SUSE-SU-2022:1307-1

SUSE-SU-2022:14940-1

SUSE-SU-2022:14941-1

SUSE-SU-2022_1307-1

SUSE-SU-2022_14941-1

USN-5408-1

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Linuxmint

Red Hat

Red Os

Rocky Linux

Suse

Ubuntu

Dnsmasq

PT-2022-2741 · Dnsmasq+10 · Dnsmasq+10

CVE-2022-0934

Weakness Enumeration

Related Identifiers

Affected Products

References · 71