Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 438
Alerts This Week
Warning Icon 1 438

Ubuntu 20.10: USN-4698-1 Moderate: Dnsmasq DoS And Cache Poisoning

ubuntu
Calendar Grey January 19, 2021
Dist Ubuntu Esm H88
A critical security advisory highlights vulnerabilities in Ubuntu's dnsmasq service, urging immediate upgrades and vigilant monitoring to prevent potential attacks
Several security issues were fixed in Dnsmasq.

Summary

Several security issues were fixed in Dnsmasq.

Software Description:

- dnsmasq: Small caching DNS proxy and DHCP/TFTP server

Details:

Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled

memory when sorting RRsets. A remote attacker could use this issue to cause

Dnsmasq to hang, resulting in a denial of service, or possibly execute

arbitrary code. (CVE-2020-25681, CVE-2020-25687)

Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled

extracting certain names. A remote attacker could use this issue to cause

Dnsmasq to hang, resulting in a denial of service, or possibly execute

arbitrary code. (CVE-2020-25682, CVE-2020-25683)

Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly

implemented address/port checks. A remote attacker could use this issue to

perform a cache poisoning attack. (CVE-2020-25684)

Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly

implemented query resource name checks. A...

Read the Full Advisory

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.10:
  dnsmasq                         2.82-1ubuntu1.1
  dnsmasq-base                    2.82-1ubuntu1.1
  dnsmasq-utils                   2.82-1ubuntu1.1

Ubuntu 20.04 LTS:
  dnsmasq                         2.80-1.1ubuntu1.2
  dnsmasq-base                    2.80-1.1ubuntu1.2
  dnsmasq-utils                   2.80-1.1ubuntu1.2

Ubuntu 18.04 LTS:
  dnsmasq                         2.79-1ubuntu0.2
  dnsmasq-base                    2.79-1ubuntu0.2
  dnsmasq-utils                   2.79-1ubuntu0.2

Ubuntu 16.04 LTS:
  dnsmasq                         2.75-1ubuntu0.16.04.7
  dnsmasq-base                    2.75-1ubuntu0.16.04.7
  dnsmasq-utils                   2.75-1ubuntu0.16.04.7

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

https://ubuntu.com/security/notices/USN-4698-1

CVE-2019-14834, CVE-2020-25681, CVE-2020-25682, CVE-2020-25683,

CVE-2020-25684, CVE-2020-25685, CVE-2020-25686, CVE-2020-25687

January 19, 2021

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.