What Are You Looking For?

Popular Tags

Sign Up
MGASA-2021-0231 - Updated dnsmasq packages fix a security vulnerability

Publication date: 08 Jun 2021
URL: https://advisories.mageia.org/MGASA-2021-0231.html
Type: security
Affected Mageia releases: 7, 8
CVE: CVE-2021-3448

A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ID to forge a reply and get it accepted by dnsmasq. This flaw makes a DNS Cache Poisoning attack much easier (CVE-2021-3448).
This kind of configuration is the default when network-manager uses dnsmasq.

References:
- https://bugs.mageia.org/show_bug.cgi?id=29030
- https://bugzilla.redhat.com/show_bug.cgi?id=1939368
- https://lists.fedoraproject.org/archives/list/[email protected]/thread/GHURNEHHUBSW45KMIZ4FNBCSUPWPGV5V/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3448

SRPMS:
- 7/core/dnsmasq-2.85-1.mga7
- 8/core/dnsmasq-2.85-1.mga8

Mageia 2021-0231: dnsmasq security update

A flaw was found in dnsmasq in versions before 2.85

Summary

A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ID to forge a reply and get it accepted by dnsmasq. This flaw makes a DNS Cache Poisoning attack much easier (CVE-2021-3448). This kind of configuration is the default when network-manager uses dnsmasq.

References

- https://bugs.mageia.org/show_bug.cgi?id=29030

- https://bugzilla.redhat.com/show_bug.cgi?id=1939368

- https://lists.fedoraproject.org/archives/list/[email protected]/thread/GHURNEHHUBSW45KMIZ4FNBCSUPWPGV5V/

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3448

Resolution

MGASA-2021-0231 - Updated dnsmasq packages fix a security vulnerability

SRPMS

- 7/core/dnsmasq-2.85-1.mga7

- 8/core/dnsmasq-2.85-1.mga8

Severity
Publication date: 08 Jun 2021
URL: https://advisories.mageia.org/MGASA-2021-0231.html
Type: security
CVE: CVE-2021-3448

Related News

Severe Chromium DoS, Info Disclosure Vulns Fixed

Sep 30, 2023

Harden Ubuntu Server to Secure Your Container and Other Deployments

Sep 17, 2023

Mitigations for Critical c-ares DoS, Code Execution Bug Released

Sep 29, 2023

Critical OpenDMARC DoS Bug Fixed

Sep 22, 2023

News

Advisories

HOWTOs

Features

Everything You Need to Know About Linux Proxy Servers
Simple Steps for Identifying & Troubleshooting a Kernel Panic
Linux Endpoint Detection and Response (EDR): A Crucial Part of a Successful Cybersecurity Strategy
Supercharging Linux: Tips & Tricks to Beat the Threat Landscape
LinuxSecurity.com Migrates to Joomla 4 and PHP 8: Our Experience & Key Takeaways

About Us

Powered By

Footer Logo

Feedback