Mageia 9: MGASA-2024-0041 Critical: dnsmasq Resource Exhaustion DoS Risk

mageia

February 18, 2024

This updated dnsmasq package fixes security issues: Certain DNSSEC aspects of the DNS protocol allow a remote attacker to trigger a denial of service via extreme consumption of res...

Summary

This updated dnsmasq package fixes security issues: Certain DNSSEC aspects of the DNS protocol allow a remote attacker to trigger a denial of service via extreme consumption of resource caused by DNSSEC query or response: - KeyTrap - Extreme CPU consumption in DNSSEC validator. (CVE-2023-50387) - Preparing an NSEC3 closest encloser proof can exhaust CPU resources. (CVE-2023-50868)
This update also fixes issues with udp packet size (fix already present in mageia package for 2.89), possible segfault and caching.

References

- https://bugs.mageia.org/show_bug.cgi?id=32853

- https://www.cve.org/CVERecord?id=CVE-2023-50387

- https://www.cve.org/CVERecord?id=CVE-2023-50868

Topics Covered

security advisory denial of service critical security fix dnsmasq resource exhaustion Mageia

Resolution

SRPMS

- 9/core/dnsmasq-2.90-1.mga9

Severity

critical

Lowest

Low

Medium

High

Critical

Publication date: 18 Feb 2024

URL: https://advisories.mageia.org/MGASA-2024-0041.html

Type: security

CVE: CVE-2023-50387, CVE-2023-50868

Topics Covered

security advisory denial of service critical security fix dnsmasq resource exhaustion Mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks