Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 438
Alerts This Week
Warning Icon 1 438

Ubuntu 16.04 ESM: USN-4976-2 Moderate: Dnsmasq Cache Poisoning Risk

ubuntu
Calendar Grey September 7, 2022
Dist Ubuntu Esm H88
A security flaw in Dnsmasq on Ubuntu 16.04 ESM puts machines at risk of cache poisoning threats. Apply the update promptly to mitigate these vulnerabilities.
Dnsmasq could be exposed to cache poisoning.

Summary

Dnsmasq could be exposed to cache poisoning.

Software Description:

- dnsmasq: Small caching DNS proxy and DHCP/TFTP server

Details:

USN-4976-1 fixed a vulnerability in Dnsmasq. This update provides

the corresponding update for Ubuntu 16.04 ESM.

Dnsmasq has been updated to 2.79-1 for Ubuntu 16.04 ESM in order to fix

some security issues.

Original advisory details:

Petr Mensik discovered that Dnsmasq incorrectly randomized source ports in

certain configurations. A remote attacker could possibly use this issue to

facilitate DNS cache poisoning attacks.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
  dnsmasq                         2.79-1ubuntu0.16.04.1+esm1
  dnsmasq-base                    2.79-1ubuntu0.16.04.1+esm1
  dnsmasq-utils                   2.79-1ubuntu0.16.04.1+esm1

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

https://ubuntu.com/security/notices/USN-4976-2

https://ubuntu.com/security/notices/USN-4976-1

CVE-2021-3448

Severity
important
Lowest
Low
Medium
High
Critical

September 07, 2022

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.