GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Fri Jan 22, 2021 9:26 pm Post subject: [ GLSA 202101-17 ] Dnsmasq |
 |
|
Gentoo Linux Security Advisory
Title: Dnsmasq: Multiple vulnerabilities (GLSA 202101-17)
Severity: normal
Exploitable: local, remote
Date: 2021-01-22
Bug(s): #766126
ID: 202101-17
Synopsis
Multiple vulnerabilities have been found in Dnsmasq, the worst of
which may allow remote attackers to execute arbitrary code.
Background
Dnsmasq is a lightweight and easily-configurable DNS forwarder and DHCP
server.
Affected Packages
Package: net-dns/dnsmasq
Vulnerable: < 2.83
Unaffected: >= 2.83
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in Dnsmasq. Please review
the references below for details.
Impact
An attacker, by sending specially crafted DNS replies, could possibly
execute arbitrary code with the privileges of the process, perform a
cache poisoning attack or cause a Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All Dnsmasq users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=net-dns/dnsmasq-2.83"
|
References
CVE-2020-25681
CVE-2020-25682
CVE-2020-25683
CVE-2020-25684
CVE-2020-25685
CVE-2020-25686
CVE-2020-25687 |
|
News & Announcements
