A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. This flaw allows a remote attacker, who can create valid DNS replies, to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in sort_rrset() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
https://bugzilla.redhat.com/show_bug.cgi?id=1891568
https://lists.debian.org/debian-lts-announce/2021/03/msg00027.html
https://security.gentoo.org/glsa/202101-17
Source: MITRE
Published: 2021-01-20
Updated: 2021-03-26
Type: CWE-122
Base Score: 7.1
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Impact Score: 6.9
Exploitability Score: 8.6
Severity: HIGH
Base Score: 5.9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Impact Score: 3.6
Exploitability Score: 2.2
Severity: MEDIUM
OR
OR
OR
ID | Name | Product | Family | Severity |
---|---|---|---|---|
148613 | EulerOS : dnsmasq (EulerOS-SA-2021-1733) | Nessus | Huawei Local Security Checks | high |
148581 | EulerOS : dnsmasq (EulerOS-SA-2021-1758) | Nessus | Huawei Local Security Checks | high |
148050 | EulerOS 2.0 SP5 : dnsmasq (EulerOS-SA-2021-1673) | Nessus | Huawei Local Security Checks | high |
147960 | Debian DLA-2604-1 : dnsmasq security update | Nessus | Debian Local Security Checks | high |
147582 | EulerOS Virtualization for ARM 64 3.0.2.0 : dnsmasq (EulerOS-SA-2021-1389) | Nessus | Huawei Local Security Checks | high |
147517 | EulerOS Virtualization 3.0.6.6 : dnsmasq (EulerOS-SA-2021-1469) | Nessus | Huawei Local Security Checks | high |
147462 | EulerOS Virtualization 3.0.2.6 : dnsmasq (EulerOS-SA-2021-1411) | Nessus | Huawei Local Security Checks | high |
147341 | NewStart CGSL MAIN 6.02 : dnsmasq Multiple Vulnerabilities (NS-SA-2021-0091) | Nessus | NewStart CGSL Local Security Checks | high |
147133 | EulerOS Virtualization for ARM 64 3.0.6.0 : dnsmasq (EulerOS-SA-2021-1551) | Nessus | Huawei Local Security Checks | high |
146735 | EulerOS 2.0 SP3 : dnsmasq (EulerOS-SA-2021-1374) | Nessus | Huawei Local Security Checks | high |
146697 | EulerOS 2.0 SP2 : dnsmasq (EulerOS-SA-2021-1288) | Nessus | Huawei Local Security Checks | high |
146369 | Slackware 14.0 / 14.1 / 14.2 / current : dnsmasq (SSA:2021-040-01) | Nessus | Slackware Local Security Checks | high |
146242 | Debian DSA-4844-1 : dnsmasq - security update | Nessus | Debian Local Security Checks | high |
146224 | EulerOS : dnsmasq (EulerOS-SA-2021-1263) | Nessus | Huawei Local Security Checks | high |
146218 | EulerOS 2.0 SP9 : dnsmasq (EulerOS-SA-2021-1244) | Nessus | Huawei Local Security Checks | high |
145737 | EulerOS 2.0 SP8 : dnsmasq (EulerOS-SA-2021-1138) | Nessus | Huawei Local Security Checks | high |
145698 | CentOS 8 : dnsmasq (CESA-2021:0150) | Nessus | CentOS Local Security Checks | high |
145421 | Photon OS 2.0: Dnsmasq PHSA-2021-2.0-0312 | Nessus | PhotonOS Local Security Checks | high |
145420 | Photon OS 1.0: Dnsmasq PHSA-2021-1.0-0356 | Nessus | PhotonOS Local Security Checks | high |
145414 | Photon OS 3.0: Dnsmasq PHSA-2021-3.0-0186 | Nessus | PhotonOS Local Security Checks | high |
145356 | openSUSE Security Update : dnsmasq (openSUSE-2021-124) | Nessus | SuSE Local Security Checks | high |
145295 | openSUSE Security Update : dnsmasq (openSUSE-2021-129) | Nessus | SuSE Local Security Checks | high |
145282 | GLSA-202101-17 : Dnsmasq: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | high |
145241 | Fedora 33 : dnsmasq (2021-84440e87ba) | Nessus | Fedora Local Security Checks | high |
145236 | FreeBSD : dnsmasq -- DNS cache poisoning, and DNSSEC buffer overflow, vulnerabilities (5b5cf6e5-5b51-11eb-95ac-7f9491278677) | Nessus | FreeBSD Local Security Checks | high |
145199 | SUSE SLES15 Security Update : dnsmasq (SUSE-SU-2021:0162-1) | Nessus | SuSE Local Security Checks | high |
145175 | SUSE SLES12 Security Update : dnsmasq (SUSE-SU-2021:0166-1) | Nessus | SuSE Local Security Checks | high |
145108 | SUSE SLED15 / SLES15 Security Update : dnsmasq (SUSE-SU-2021:0163-1) | Nessus | SuSE Local Security Checks | high |
145088 | RHEL 8 : dnsmasq (RHSA-2021:0150) | Nessus | Red Hat Local Security Checks | high |
145086 | Oracle Linux 8 : dnsmasq (ELSA-2021-0150) | Nessus | Oracle Linux Local Security Checks | high |
145082 | RHEL 8 : dnsmasq (RHSA-2021:0152) | Nessus | Red Hat Local Security Checks | high |
145078 | Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 : Dnsmasq vulnerabilities (USN-4698-1) | Nessus | Ubuntu Local Security Checks | high |
145077 | RHEL 8 : dnsmasq (RHSA-2021:0151) | Nessus | Red Hat Local Security Checks | high |
145073 | dnsmasq < 2.83 Multiple Vulnerabilities (DNSPOOQ) | Nessus | DNS | high |