CVE-2015-8899

Severity CVSS v4.0:
Pending analysis
Type:
CWE-20 Input Validation
Publication date:
30/06/2016
Last modified:
12/04/2025

Description

Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:* 2.75 (including)