Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 463
Alerts This Week
Warning Icon 1 463

Ubuntu 23.10: USN-6657-1 Critical Dnsmasq Denial of Service

ubuntu
Calendar Grey February 26, 2024
Dist Ubuntu Esm H88
Protect your Ubuntu system from vulnerabilities by implementing essential Dnsmasq security protocols. Follow these urgent update steps for enhanced safety
Several security issues were fixed in Dnsmasq.

Summary

Several security issues were fixed in Dnsmasq.

Software Description:

- dnsmasq: Small caching DNS proxy and DHCP/TFTP server

Details:

Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered

that Dnsmasq icorrectly handled validating DNSSEC messages. A remote

attacker could possibly use this issue to cause Dnsmasq to consume

resources, leading to a denial of service. (CVE-2023-50387)

It was discovered that Dnsmasq incorrectly handled preparing an NSEC3

closest encloser proof. A remote attacker could possibly use this issue to

cause Dnsmasq to consume resources, leading to a denial of service.

(CVE-2023-50868)

It was discovered that Dnsmasq incorrectly set the maximum EDNS.0 UDP

packet size as required by DNS Flag Day 2020. This issue only affected

Ubuntu 23.10. (CVE-2023-28450)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 23.10:
   dnsmasq-base                    2.90-0ubuntu0.23.10.1

Ubuntu 22.04 LTS:
   dnsmasq-base                    2.90-0ubuntu0.22.04.1

Ubuntu 20.04 LTS:
   dnsmasq-base                    2.90-0ubuntu0.20.04.1

This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to reboot your computer to
make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-6657-1

CVE-2023-28450, CVE-2023-50387, CVE-2023-50868

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-6657-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.