dnsmasq-2.85-5.el9

エラータID: AXSA:2023-4740:01

Release date: 
Friday, January 13, 2023 - 09:51
Subject: 
dnsmasq-2.85-5.el9
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
Moderate
Description: 

The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.

Security Fix(es):

* dnsmasq: Heap use after free in dhcp6_no_relay (CVE-2022-0934)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the MIRACLE LINUX 9.1 Release Notes linked from the References section.

CVE-2022-0934
A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq, potentially causing a denial of service.

Solution: 

Update packages.

Additional Info: 

N/A