CVE-2020-25687 - A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsm

CVE-2020-25687

Summary

A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. This flaw allows a remote attacker, who can create valid DNS replies, to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in sort_rrset() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.

References

Vulnerable Configurations

cpe:2.3:a:thekelleys:dnsmasq:-:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:-:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:0.4:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:0.4:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:0.5:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:0.5:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:0.6:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:0.6:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:0.7:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:0.7:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:0.95:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:0.95:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:0.96:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:0.96:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:0.98:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:0.98:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:0.992:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:0.992:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:0.996:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:0.996:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.0:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.0:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.2:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.2:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.3:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.3:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.4:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.4:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.5:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.5:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.6:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.6:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.7:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.7:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.8:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.8:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.9:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.9:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.10:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.10:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.11:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.11:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.12:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.12:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.13:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.13:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.14:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.14:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.15:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.15:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.16:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.16:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.17:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.17:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.18:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.18:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.0:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.0:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.1:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.1:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.2:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.2:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.3:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.3:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.4:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.4:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.5:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.5:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.6:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.6:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.7:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.7:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.8:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.8:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.9:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.9:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.10:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.10:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.11:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.11:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.12:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.12:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.13:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.13:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.14:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.14:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.15:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.15:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.16:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.16:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.17:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.17:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.18:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.18:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.19:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.19:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.20:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.20:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.21:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.21:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.22:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.22:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.23:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.23:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.24:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.24:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.25:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.25:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.26:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.26:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.27:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.27:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.28:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.28:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.29:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.29:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.30:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.30:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.31:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.31:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.33:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.33:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.34:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.34:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.35:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.35:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.36:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.36:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.37:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.37:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.38:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.38:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.39:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.39:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.40:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.40:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.41:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.41:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.42:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.42:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.43:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.43:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.44:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.44:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.45:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.45:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.46:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.46:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.47:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.47:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.48:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.48:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.49:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.49:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.50:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.50:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.51:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.51:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.52:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.52:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.53:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.53:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.54:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.54:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.55:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.55:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.56:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.56:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.57:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.57:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.58:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.58:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.59:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.59:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.60:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.60:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.61:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.61:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.62:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.62:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.63:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.63:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.64:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.64:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.65:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.65:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.66:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.66:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.67:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.67:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.68:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.68:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.69:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.69:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.70:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.70:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.71:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.71:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.72:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.72:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.73:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.73:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.74:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.74:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.75:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.75:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.76:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.76:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.77:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.77:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.78:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.78:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.79:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.79:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.80:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.80:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.81:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.81:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.82:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.82:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

CVSS

Base:	7.1 (as of 26-03-2021 - 18:40)
Impact:
Exploitability:

CWE

CWE-122

CAPEC

Forced Integer Overflow
This attack forces an integer variable to go out of range. The integer variable is often used as an offset such as size of memory allocation or similarly. The attacker would typically control the value of such variable and try to get it out of range. For instance the integer in question is incremented past the maximum possible value, it may wrap to become a very small, or negative number, therefore providing a very incorrect value which can lead to unexpected behavior. At worst the attacker can execute arbitrary code.

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	COMPLETE

cvss-vector via4

AV:N/AC:M/Au:N/C:N/I:N/A:C

redhat via4

advisories

bugzilla

id	1891568
title	CVE-2020-25687 dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 8 is installed
oval oval:com.redhat.rhba:tst:20193384074

AND
comment dnsmasq is earlier than 0:2.79-13.el8_3.1
oval oval:com.redhat.rhsa:tst:20210150001
comment dnsmasq is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20172117002

AND

comment dnsmasq-utils is earlier than 0:2.79-13.el8_3.1
oval oval:com.redhat.rhsa:tst:20210150003
comment dnsmasq-utils is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20172117004

rhsa

id	RHSA-2021:0150
released	2021-01-19
severity	Important
title	RHSA-2021:0150: dnsmasq security update (Important)

rpms

dnsmasq-0:2.79-13.el8_3.1
dnsmasq-debuginfo-0:2.79-13.el8_3.1
dnsmasq-debugsource-0:2.79-13.el8_3.1
dnsmasq-utils-0:2.79-13.el8_3.1
dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1
dnsmasq-0:2.79-11.el8_2.2
dnsmasq-debuginfo-0:2.79-11.el8_2.2
dnsmasq-debugsource-0:2.79-11.el8_2.2
dnsmasq-utils-0:2.79-11.el8_2.2
dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2
dnsmasq-0:2.79-6.el8_1.1
dnsmasq-debuginfo-0:2.79-6.el8_1.1
dnsmasq-debugsource-0:2.79-6.el8_1.1
dnsmasq-utils-0:2.79-6.el8_1.1
dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1

refmap via4

fedora	FEDORA-2021-84440e87ba
gentoo	GLSA-202101-17
misc	https://bugzilla.redhat.com/show_bug.cgi?id=1891568 https://www.jsof-tech.com/disclosures/dnspooq/

Last major update

26-03-2021 - 18:40

Published

20-01-2021 - 17:15

Last modified

26-03-2021 - 18:40