Several security issues were fixed in Dnsmasq.
Software Description:
- dnsmasq: Small caching DNS proxy and DHCP/TFTP server
Details:
USN-6657-1 fixed several vulnerabilities in Dnsmasq. This update provides
the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
Original advisory details:
Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered
that Dnsmasq icorrectly handled validating DNSSEC messages. A remote
attacker could possibly use this issue to cause Dnsmasq to consume
resources, leading to a denial of service. (CVE-2023-50387)
It was discovered that Dnsmasq incorrectly handled preparing an NSEC3
closest encloser proof. A remote attacker could possibly use this issue to
cause Dnsmasq to consume resources, leading to a denial of service.
(CVE-2023-50868)
It was discovered that Dnsmasq incorrectly set the maximum EDNS.0 UDP
packet size as required by DNS Flag Day 2020. This issue only affected
Ubunt...
The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS (Available with Ubuntu Pro): dnsmasq-base 2.90-0ubuntu0.18.04.1+esm1 Ubuntu 16.04 LTS (Available with Ubuntu Pro): dnsmasq-base 2.90-0ubuntu0.16.04.1+esm1 This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to reboot your computer to make all the necessary changes.
https://ubuntu.com/security/notices/USN-6657-2
https://ubuntu.com/security/notices/USN-6657-1
CVE-2023-28450, CVE-2023-50387, CVE-2023-50868
Get the latest Linux and open source security news straight to your inbox.