CVE-2017-14491

CRITICAL

dnsmasq < 2.78 - Remote Code Execution via Crafted DNS Response

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2017-14491. PoCs published by Google Security Research, skyformat99.

AI-analyzed exploit summary: This exploit triggers a heap-based buffer overflow in dnsmasq (CVE-2017-14491) by sending a maliciously crafted DNS response. The overflow occurs in the `add_resource_record` function when processing a large number of resource records, leading to a crash or potential remote code execution.

Description

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Google Security Research · python · dos · multiple
https://www.exploit-db.com/exploits/42941

This exploit triggers a heap-based buffer overflow in dnsmasq (CVE-2017-14491) by sending a maliciously crafted DNS response. The overflow occurs in the `add_resource_record` function when processing a large number of resource records, leading to a crash or potential remote code execution.

Classification: Working PoC 100%
Attack Type: DoS
Complexity: Moderate
Reliability: Racy
Target: dnsmasq version 2.78test2-8-ga3303e1 and earlier
No auth needed
Prerequisites: Attacker-controlled DNS server · Victim dnsmasq instance configured to forward queries to the attacker's server
devstral-2 · analyzed Feb 16, 2026

nomisec WRITEUP
by skyformat99 · poc
https://github.com/skyformat99/dnsmasq-2.4.1-fix-CVE-2017-14491

This repository contains a patched version of dnsmasq-2.4.1 addressing CVE-2017-14491, a DNS-based vulnerability. The provided files include source code, documentation, and auxiliary scripts, but no exploit PoC or offensive techniques are present.

Classification: Writeup 90%
Attack Type: Other
Complexity: Trivial
Reliability: Theoretical
Target: dnsmasq 2.4.1
No auth needed
Prerequisites: Access to vulnerable dnsmasq instance
devstral-2 · analyzed Feb 16, 2026

References (40)

Core References
Broken Link vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/101085
Broken Link vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1039474
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2017/dsa-3989
Third Party Advisory x_refsource_confirm
https://access.redhat.com/security/vulnerabilities/3199382
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-3430-1
Broken Link vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/101977
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2017:2838
Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn
https://www.kb.cert.org/vuls/id/973527
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/201710-27
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2017:2840
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-3430-2
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2017:2839
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2017:2836
Third Party Advisory x_refsource_confirm
http://nvidia.custhelp.com/app/answers/detail/a_id/4561
Third Party Advisory x_refsource_confirm
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2017:2837
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/42941/
Release Notes, Vendor Advisory x_refsource_confirm
http://thekelleys.org.uk/dnsmasq/CHANGELOG
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2017:2841
Third Party Advisory x_refsource_confirm
http://nvidia.custhelp.com/app/answers/detail/a_id/4560
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html
Patch, Third Party Advisory x_refsource_confirm
https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-3430-3
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/144480/Dnsmasq-2-Byte-Heap-Based-Overflow.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00005.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00003.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00004.html
Third Party Advisory vendor-advisory x_refsource_debian
https://www.debian.org/security/2017/dsa-3989

Scores

CVSS v3 9.8
EPSS 0.8492
EPSS Percentile 99.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE: CWE-787
Status published
Products (34)
arista/eos < 4.15
arubanetworks/arubaos 6.3.1 - 6.3.1.25
canonical/ubuntu_linux 12.04 (2 CPE variants)
canonical/ubuntu_linux 14.04
canonical/ubuntu_linux 16.04
canonical/ubuntu_linux 17.04
debian/debian_linux 7.0
debian/debian_linux 7.1
debian/debian_linux 8.0
debian/debian_linux 9.0
... and 24 more
Published Oct 04, 2017
Tracked Since Feb 18, 2026