The issues are CVE-2017-14491, CVE-2017-14492, CVE-2017-14493, CVE-2017-14494, CVE-2017-14495, CVE-2017-1449 and CVE-2017-13704. The first three can result in remote code execution, the fourth information leakage, the fifth OOM/DoS and the last two DOS. Google said after the problems were found it worked with Simon Kelly who maintains Dnsmasq to develop the proper patches, which have since been released. Patches for Android will be included in that operating systems October security update.
Dnsmasq is widely used in systems ranging from desktop Linux distributions, to home routers to IoT devices and provides functionality for serving DNS, DHCP and router advertisements and network boot, Google reported.
Dnsmasq provides functionality for serving DNS, DHCP, router advertisements and network boot. This software is commonly installed in systems as varied as desktop Linux distributions (like Ubuntu), home routers, and IoT devices.