Google G Suite gets new security warning
Google G Suite gets new security warning
Google reported it has discovered and issued patches fo seven vulnerabilities in the DNS software package Dnsmasq, several of which could lead to remote code execution or leave the device open to a denial of service attack if exploited.

The issues are CVE-2017-14491, CVE-2017-14492, CVE-2017-14493, CVE-2017-14494, CVE-2017-14495, CVE-2017-1449 and CVE-2017-13704. The first three can result in remote code execution, the fourth information leakage, the fifth OOM/DoS and the last two DOS. Google said after the problems were found it worked with Simon Kelly who maintains Dnsmasq to develop the proper patches, which have since been released. Patches for Android will be included in that operating systems October security update.

Dnsmasq is widely used in systems ranging from desktop Linux distributions, to home routers to IoT devices and provides functionality for serving DNS, DHCP and router advertisements and network boot, Google reported.

Dnsmasq provides functionality for serving DNS, DHCP, router advertisements and network boot. This software is commonly installed in systems as varied as desktop Linux distributions (like Ubuntu), home routers, and IoT devices.