Dnsmasq versions 2.77 and earlier contains multiple vulnerabilities.
Multiple vulnerabilities have been reported in dnsmasq.
CWE-122: Heap-based Buffer Overflow - CVE-2017-14491
Dnsmasq is a widely used piece of open-source software. These vulnerabilities can be triggered remotely via DNS and DHCP protocols and can lead to remote code execution, information exposure, and denial of service. In some cases an attacker would need to induce one or more DNS requests.
Apply an Update
Thanks to Felix Wilhelm, Fermin J. Serna, Gabriel Campana, Kevin Hamacher and Ron Bowes of the Google Security Team for reporting this vulnerability.