Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-25686
Vulnerability from cvelistv5
Published
2021-01-20 16:47
Modified
2024-08-04 15:40
Severity ?
EPSS score ?
Summary
A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the "Birthday Attacks" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T15:40:36.677Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { name: "FEDORA-2021-84440e87ba", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WYW3IR6APUSKOYKL5FT3ACTIHWHGQY32/", }, { name: "GLSA-202101-17", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202101-17", }, { name: "DSA-4844", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-4844", }, { name: "FEDORA-2021-2e4c3d5a9d", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QGB7HL3OWHTLEPSMLDGOMXQKG3KM2QME/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.arista.com/en/support/advisories-notices/security-advisories/12135-security-advisory-61", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "dnsmasq", vendor: "n/a", versions: [ { status: "affected", version: "dnsmasq 2.83", }, ], }, ], descriptions: [ { lang: "en", value: "A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-358", description: "CWE-358", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-25T13:52:14", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { name: "FEDORA-2021-84440e87ba", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WYW3IR6APUSKOYKL5FT3ACTIHWHGQY32/", }, { name: "GLSA-202101-17", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202101-17", }, { name: "DSA-4844", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2021/dsa-4844", }, { name: "FEDORA-2021-2e4c3d5a9d", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QGB7HL3OWHTLEPSMLDGOMXQKG3KM2QME/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.arista.com/en/support/advisories-notices/security-advisories/12135-security-advisory-61", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2020-25686", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "dnsmasq", version: { version_data: [ { version_value: "dnsmasq 2.83", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-358", }, ], }, ], }, references: { reference_data: [ { name: "https://www.jsof-tech.com/disclosures/dnspooq/", refsource: "MISC", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", refsource: "MISC", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { name: "FEDORA-2021-84440e87ba", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WYW3IR6APUSKOYKL5FT3ACTIHWHGQY32/", }, { name: "GLSA-202101-17", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202101-17", }, { name: "DSA-4844", refsource: "DEBIAN", url: "https://www.debian.org/security/2021/dsa-4844", }, { name: "FEDORA-2021-2e4c3d5a9d", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QGB7HL3OWHTLEPSMLDGOMXQKG3KM2QME/", }, { name: "https://www.arista.com/en/support/advisories-notices/security-advisories/12135-security-advisory-61", refsource: "MISC", url: "https://www.arista.com/en/support/advisories-notices/security-advisories/12135-security-advisory-61", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2020-25686", datePublished: "2021-01-20T16:47:17", dateReserved: "2020-09-16T00:00:00", dateUpdated: "2024-08-04T15:40:36.677Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2020-25686\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2021-01-20T17:15:13.000\",\"lastModified\":\"2024-11-21T05:18:28.027\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \\\"Birthday Attacks\\\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.\"},{\"lang\":\"es\",\"value\":\"Se encontró un fallo en dnsmasq versiones anteriores a 2.83. Al recibir una consulta, dnsmasq no comprueba si existe una petición pendiente existente para el mismo nombre y reenvía una nueva petición. Por defecto, se puede enviar un máximo de 150 consultas pendientes a los servidores aguas arriba, por lo que puede haber como máximo 150 consultas para el mismo nombre. Este fallo permite a un atacante fuera de ruta en la red reduzca sustancialmente el número de intentos que tendría que realizar para falsificar una respuesta y hacer que dnsmasq la acepte. Este problema se menciona en la sección \\\"Birthday Attacks\\\" de RFC5452. Si se encadenaba con CVE-2020-25684, se reduce la complejidad del ataque de un ataque con éxito. La mayor amenaza de esta vulnerabilidad es la integridad de los datos\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N\",\"baseScore\":3.7,\"baseSeverity\":\"LOW\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-358\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-290\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.83\",\"matchCriteriaId\":\"F38115DF-0F5C-442D-83D4-1125AAB4E2B7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36D96259-24BD-44E2-96D9-78CE1D41F956\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E460AA51-FCDA-46B9-AE97-E6676AA5E194\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.21\",\"versionEndExcluding\":\"4.21.14m\",\"matchCriteriaId\":\"2E5C0DA1-5E51-40F1-82FE-CF7E391C07E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.22\",\"versionEndExcluding\":\"4.22.9m\",\"matchCriteriaId\":\"206E795F-BFE9-4AB9-A35F-60AC911F38E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.23\",\"versionEndExcluding\":\"4.23.7m\",\"matchCriteriaId\":\"6FA15712-F804-4060-99C0-7370D6111B83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.24\",\"versionEndExcluding\":\"4.24.5m\",\"matchCriteriaId\":\"21A321F5-CB56-4258-BB30-6753EECB89DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.25\",\"versionEndExcluding\":\"4.25.2f\",\"matchCriteriaId\":\"9445AF76-6AE4-46A6-A470-979ADBB19EE2\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1890125\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QGB7HL3OWHTLEPSMLDGOMXQKG3KM2QME/\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WYW3IR6APUSKOYKL5FT3ACTIHWHGQY32/\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://security.gentoo.org/glsa/202101-17\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.arista.com/en/support/advisories-notices/security-advisories/12135-security-advisory-61\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2021/dsa-4844\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.jsof-tech.com/disclosures/dnspooq/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1890125\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QGB7HL3OWHTLEPSMLDGOMXQKG3KM2QME/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WYW3IR6APUSKOYKL5FT3ACTIHWHGQY32/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/202101-17\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.arista.com/en/support/advisories-notices/security-advisories/12135-security-advisory-61\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2021/dsa-4844\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.jsof-tech.com/disclosures/dnspooq/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}", }, }
wid-sec-w-2023-2836
Vulnerability from csaf_certbund
Published
2021-01-18 23:00
Modified
2023-11-06 23:00
Summary
dnsmasq: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Dnsmasq ist ein leichtgewichtiger DNS- und DHCP Server.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in dnsmasq und mehreren Cisco Produkten ausnutzen, um beliebigen Programmcode auszuführen und um den DNS Cache zu manipulieren.
Betroffene Betriebssysteme
- UNIX
- Linux
- CISCO Appliance
- Appliance
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Dnsmasq ist ein leichtgewichtiger DNS- und DHCP Server.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in dnsmasq und mehreren Cisco Produkten ausnutzen, um beliebigen Programmcode auszuführen und um den DNS Cache zu manipulieren.", title: "Angriff", }, { category: "general", text: "- UNIX\n- Linux\n- CISCO Appliance\n- Appliance", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2023-2836 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2023-2836.json", }, { category: "self", summary: "WID-SEC-2023-2836 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2836", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2023-12971 vom 2023-11-06", url: "https://linux.oracle.com/errata/ELSA-2023-12971.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2023-12972 vom 2023-11-06", url: "https://linux.oracle.com/errata/ELSA-2023-12972.html", }, { category: "external", summary: "Debian Security Advisory DLA-2604 vom 2021-03-22", url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00027.html", }, { category: "external", summary: "Cisco Security Advisory CISCO-SA-DNSMASQ-DNS-2021-C5MRDF3G vom 2021-01-18", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnsmasq-dns-2021-c5mrdf3g", }, { category: "external", summary: "DNSpooq Attack vom 2021-01-18", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, { category: "external", summary: "Arista Security Advisory 61 vom 2021-01-19", url: "https://www.arista.com/en/support/advisories-notices/security-advisories/12135-security-advisory-61", }, { category: "external", summary: "Ubuntu Security Notice USN-4698-1 vom 2021-01-19", url: "https://usn.ubuntu.com/4698-1", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0150 vom 2021-01-19", url: "https://access.redhat.com/errata/RHSA-2021:0150", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0151 vom 2021-01-19", url: "https://access.redhat.com/errata/RHSA-2021:0151", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0152 vom 2021-01-19", url: "https://access.redhat.com/errata/RHSA-2021:0152", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0153 vom 2021-01-19", url: "https://access.redhat.com/errata/RHSA-2021:0153", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0154 vom 2021-01-19", url: "https://access.redhat.com/errata/RHSA-2021:0154", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0155 vom 2021-01-19", url: "https://access.redhat.com/errata/RHSA-2021:0155", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0156 vom 2021-01-19", url: "https://access.redhat.com/errata/RHSA-2021:0156", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2021-0153 vom 2021-01-19", url: "http://linux.oracle.com/errata/ELSA-2021-0153.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2021-0150 vom 2021-01-20", url: "https://linux.oracle.com/errata/ELSA-2021-0150.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2021:0163-1 vom 2021-01-19", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-January/008222.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2021:14603-1 vom 2021-01-19", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-January/008224.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2021:0166-1 vom 2021-01-19", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-January/008223.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2021:0162-1 vom 2021-01-19", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-January/008225.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2021:14604-1 vom 2021-01-19", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-January/008226.html", }, { category: "external", summary: "ICS CERT Advisory ICSA-21-019-01 vom 2021-01-19", url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-019-01", }, { category: "external", summary: "Changelog dnsmasq", url: "http://www.thekelleys.org.uk/dnsmasq/CHANGELOG", }, { category: "external", summary: "Arch Linux Security Advisory ASA-202101-38 vom 2021-01-21", url: "https://security.archlinux.org/ASA-202101-38/generate", }, { category: "external", summary: "Synology Security Advisory SYNOLOGY-SA-21:01 vom 2021-01-25", url: "https://www.synology.com/en-global/support/security/Synology_SA_21_01", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0240 vom 2021-01-25", url: "https://access.redhat.com/errata/RHSA-2021:0240", }, { category: "external", summary: "Gentoo Linux Security Advisory GLSA-202101-17 vom 2021-01-25", url: "https://security.gentoo.org/glsa/202101-17", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0245 vom 2021-01-25", url: "https://access.redhat.com/errata/RHSA-2021:0245", }, { category: "external", summary: "CentOS Security Advisory CESA-2021:0153 vom 2021-01-26", url: "http://centos-announce.2309468.n4.nabble.com/CentOS-announce-CESA-2021-0153-Moderate-CentOS-7-dnsmasq-Security-Update-tp4646120.html", }, { category: "external", summary: "Zyxel security advisory for DNSpooq vom 2021-01-26", url: "https://www.zyxel.com/support/DNSpooq.shtml", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0281 vom 2021-02-03", url: "https://access.redhat.com/errata/RHSA-2021:0281", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0395 vom 2021-02-03", url: "https://access.redhat.com/errata/RHSA-2021:0395", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0401 vom 2021-02-03", url: "https://access.redhat.com/errata/RHSA-2021:0401", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2021-1587 vom 2021-02-03", url: "https://alas.aws.amazon.com/AL2/ALAS-2021-1587.html", }, { category: "external", summary: "Debian Security Advisory DSA-4844 vom 2021-02-04", url: "https://www.debian.org/security/2021/dsa-4844", }, { category: "external", summary: "Aruba Product Security Advisory", url: "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-006.txt", }, { category: "external", summary: "Ubuntu Security Notice USN-4698-2 vom 2021-02-24", url: "https://ubuntu.com/security/notices/USN-4698-2", }, { category: "external", summary: "AVAYA Security Advisory ASA-2021-006 vom 2021-03-03", url: "https://downloads.avaya.com/css/P8/documents/101074267", }, { category: "external", summary: "QNAP Security Advisory QSA-21-09 vom 2021-06-30", url: "https://www.qnap.com/de-de/security-advisory/QSA-21-09", }, ], source_lang: "en-US", title: "dnsmasq: Mehrere Schwachstellen", tracking: { current_release_date: "2023-11-06T23:00:00.000+00:00", generator: { date: "2024-08-15T18:01:09.653+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2023-2836", initial_release_date: "2021-01-18T23:00:00.000+00:00", revision_history: [ { date: "2021-01-18T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2021-01-19T23:00:00.000+00:00", number: "2", summary: "Neue Updates von Arista, Cisco, Ubuntu, Red Hat, Oracle Linux und SUSE aufgenommen", }, { date: "2021-01-20T23:00:00.000+00:00", number: "3", summary: "Neue Updates von Arch Linux aufgenommen", }, { date: "2021-01-24T23:00:00.000+00:00", number: "4", summary: "Neue Updates von Synology aufgenommen", }, { date: "2021-01-25T23:00:00.000+00:00", number: "5", summary: "Neue Updates von Red Hat und Gentoo aufgenommen", }, { date: "2021-01-26T23:00:00.000+00:00", number: "6", summary: "Neue Updates von CentOS aufgenommen", }, { date: "2021-02-02T23:00:00.000+00:00", number: "7", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2021-02-03T23:00:00.000+00:00", number: "8", summary: "Neue Updates von Red Hat und Amazon aufgenommen", }, { date: "2021-02-04T23:00:00.000+00:00", number: "9", summary: "Neue Updates von Debian aufgenommen", }, { date: "2021-02-23T23:00:00.000+00:00", number: "10", summary: "Neue Updates von Aruba aufgenommen", }, { date: "2021-02-24T23:00:00.000+00:00", number: "11", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2021-03-04T23:00:00.000+00:00", number: "12", summary: "Neue Updates von AVAYA aufgenommen", }, { date: "2021-03-22T23:00:00.000+00:00", number: "13", summary: "Neue Updates von Debian aufgenommen", }, { date: "2021-06-30T22:00:00.000+00:00", number: "14", summary: "Neue Updates von QNAP aufgenommen", }, { date: "2023-11-06T23:00:00.000+00:00", number: "15", summary: "Neue Updates von Oracle Linux aufgenommen", }, ], status: "final", version: "15", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Amazon Linux 2", product: { name: "Amazon Linux 2", product_id: "398363", product_identification_helper: { cpe: "cpe:/o:amazon:linux_2:-", }, }, }, ], category: "vendor", name: "Amazon", }, { branches: [ { category: "product_name", name: "Arista EOS", product: { name: "Arista EOS", product_id: "T007065", product_identification_helper: { cpe: "cpe:/o:arista:arista_eos:-", }, }, }, ], category: "vendor", name: "Arista", }, { branches: [ { category: "product_name", name: "Aruba ArubaOS", product: { name: "Aruba ArubaOS", product_id: "T016785", product_identification_helper: { cpe: "cpe:/o:arubanetworks:arubaos:-", }, }, }, ], category: "vendor", name: "Aruba", }, { branches: [ { category: "product_name", name: "Avaya Aura Application Enablement Services", product: { name: "Avaya Aura Application Enablement Services", product_id: "T015516", product_identification_helper: { cpe: "cpe:/a:avaya:aura_application_enablement_services:-", }, }, }, { category: "product_name", name: "Avaya Aura Communication Manager", product: { name: "Avaya Aura Communication Manager", product_id: "T015126", product_identification_helper: { cpe: "cpe:/a:avaya:communication_manager:-", }, }, }, { category: "product_name", name: "Avaya Aura Session Manager", product: { name: "Avaya Aura Session Manager", product_id: "T015127", product_identification_helper: { cpe: "cpe:/a:avaya:session_manager:-", }, }, }, { category: "product_name", name: "Avaya Aura System Manager", product: { name: "Avaya Aura System Manager", product_id: "T015518", product_identification_helper: { cpe: "cpe:/a:avaya:aura_system_manager:-", }, }, }, { category: "product_name", name: "Avaya Web License Manager", product: { name: "Avaya Web License Manager", product_id: "T016243", product_identification_helper: { cpe: "cpe:/a:avaya:web_license_manager:-", }, }, }, ], category: "vendor", name: "Avaya", }, { branches: [ { category: "product_name", name: "Cisco Aironet Access Point", product: { name: "Cisco Aironet Access Point", product_id: "T012215", product_identification_helper: { cpe: "cpe:/o:cisco:aironet_access_point_software:-", }, }, }, { category: "product_name", name: "Cisco Analog Telephone Adaptor (ATA)", product: { name: "Cisco Analog Telephone Adaptor (ATA)", product_id: "T015211", product_identification_helper: { cpe: "cpe:/h:cisco:ata:spa122", }, }, }, { category: "product_name", name: "Cisco Catalyst Access Point", product: { name: "Cisco Catalyst Access Point", product_id: "T018120", product_identification_helper: { cpe: "cpe:/h:cisco:catalyst:access_point", }, }, }, { category: "product_name", name: "Cisco IP Phone", product: { name: "Cisco IP Phone", product_id: "2070", product_identification_helper: { cpe: "cpe:/h:cisco:ip_phone:-", }, }, }, { category: "product_name", name: "Cisco Small Business", product: { name: "Cisco Small Business", product_id: "T006515", product_identification_helper: { cpe: "cpe:/h:cisco:small_business:srp520", }, }, }, { category: "product_name", name: "Cisco TelePresence Video Communication Server", product: { name: "Cisco TelePresence Video Communication Server", product_id: "T018121", product_identification_helper: { cpe: "cpe:/h:cisco:telepresence:video_communication_server", }, }, }, { category: "product_name", name: "Cisco Unified IP Phone", product: { name: "Cisco Unified IP Phone", product_id: "T003264", product_identification_helper: { cpe: "cpe:/h:cisco:unified_ip_phones:-", }, }, }, { category: "product_name", name: "Cisco WebEx Teams", product: { name: "Cisco WebEx Teams", product_id: "T013516", product_identification_helper: { cpe: "cpe:/a:cisco:webex:teams", }, }, }, ], category: "vendor", name: "Cisco", }, { branches: [ { category: "product_name", name: "Debian Linux", product: { name: "Debian Linux", product_id: "2951", product_identification_helper: { cpe: "cpe:/o:debian:debian_linux:-", }, }, }, ], category: "vendor", name: "Debian", }, { branches: [ { category: "product_name", name: "Gentoo Linux", product: { name: "Gentoo Linux", product_id: "T012167", product_identification_helper: { cpe: "cpe:/o:gentoo:linux:-", }, }, }, ], category: "vendor", name: "Gentoo", }, { branches: [ { category: "product_name", name: "Open Source Arch Linux", product: { name: "Open Source Arch Linux", product_id: "T013312", product_identification_helper: { cpe: "cpe:/o:archlinux:archlinux:-", }, }, }, { category: "product_name", name: "Open Source CentOS", product: { name: "Open Source CentOS", product_id: "1727", product_identification_helper: { cpe: "cpe:/o:centos:centos:-", }, }, }, { category: "product_name", name: "Open Source dnsmasq < 2.83", product: { name: "Open Source dnsmasq < 2.83", product_id: "T018119", product_identification_helper: { cpe: "cpe:/a:dnsmasq:dnsmasq:2.83", }, }, }, ], category: "vendor", name: "Open Source", }, { branches: [ { category: "product_name", name: "Oracle Linux", product: { name: "Oracle Linux", product_id: "T004914", product_identification_helper: { cpe: "cpe:/o:oracle:linux:-", }, }, }, ], category: "vendor", name: "Oracle", }, { branches: [ { category: "product_name", name: "QNAP NAS", product: { name: "QNAP NAS", product_id: "T017100", product_identification_helper: { cpe: "cpe:/h:qnap:nas:-", }, }, }, ], category: "vendor", name: "QNAP", }, { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux", product: { name: "Red Hat Enterprise Linux", product_id: "67646", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:-", }, }, }, ], category: "vendor", name: "Red Hat", }, { branches: [ { category: "product_name", name: "SUSE Linux", product: { name: "SUSE Linux", product_id: "T002207", product_identification_helper: { cpe: "cpe:/o:suse:suse_linux:-", }, }, }, ], category: "vendor", name: "SUSE", }, { branches: [ { category: "product_name", name: "Synology DiskStation Manager", product: { name: "Synology DiskStation Manager", product_id: "450918", product_identification_helper: { cpe: "cpe:/a:synology:diskstation_manager:-", }, }, }, ], category: "vendor", name: "Synology", }, { branches: [ { category: "product_name", name: "Ubuntu Linux", product: { name: "Ubuntu Linux", product_id: "T000126", product_identification_helper: { cpe: "cpe:/o:canonical:ubuntu_linux:-", }, }, }, ], category: "vendor", name: "Ubuntu", }, ], }, vulnerabilities: [ { cve: "CVE-2020-25681", notes: [ { category: "description", text: "In dnsmasq und mehreren Cisco Produkten existieren mehrere Schwachstellen aufgrund von Buffer-Overflows und fehlerhafter Eingabeprüfungen. Ein entfernter, anonymer Angreifer kann dadurch beliebigen Code im Kontext des Dienstes zur Ausführung bringen oder DNS Cache-Poisoning Angriffe durchführen.", }, ], product_status: { known_affected: [ "2070", "T003264", "67646", "T006515", "T012215", "T015127", "T015126", "T004914", "450918", "T018120", "T018121", "398363", "T007065", "T013516", "T015518", "T015516", "T013312", "T012167", "T016785", "T015211", "T016243", "T017100", "2951", "T002207", "T000126", "1727", ], }, release_date: "2021-01-18T23:00:00.000+00:00", title: "CVE-2020-25681", }, { cve: "CVE-2020-25682", notes: [ { category: "description", text: "In dnsmasq und mehreren Cisco Produkten existieren mehrere Schwachstellen aufgrund von Buffer-Overflows und fehlerhafter Eingabeprüfungen. Ein entfernter, anonymer Angreifer kann dadurch beliebigen Code im Kontext des Dienstes zur Ausführung bringen oder DNS Cache-Poisoning Angriffe durchführen.", }, ], product_status: { known_affected: [ "2070", "T003264", "67646", "T006515", "T012215", "T015127", "T015126", "T004914", "450918", "T018120", "T018121", "398363", "T007065", "T013516", "T015518", "T015516", "T013312", "T012167", "T016785", "T015211", "T016243", "T017100", "2951", "T002207", "T000126", "1727", ], }, release_date: "2021-01-18T23:00:00.000+00:00", title: "CVE-2020-25682", }, { cve: "CVE-2020-25683", notes: [ { category: "description", text: "In dnsmasq und mehreren Cisco Produkten existieren mehrere Schwachstellen aufgrund von Buffer-Overflows und fehlerhafter Eingabeprüfungen. Ein entfernter, anonymer Angreifer kann dadurch beliebigen Code im Kontext des Dienstes zur Ausführung bringen oder DNS Cache-Poisoning Angriffe durchführen.", }, ], product_status: { known_affected: [ "2070", "T003264", "67646", "T006515", "T012215", "T015127", "T015126", "T004914", "450918", "T018120", "T018121", "398363", "T007065", "T013516", "T015518", "T015516", "T013312", "T012167", "T016785", "T015211", "T016243", "T017100", "2951", "T002207", "T000126", "1727", ], }, release_date: "2021-01-18T23:00:00.000+00:00", title: "CVE-2020-25683", }, { cve: "CVE-2020-25684", notes: [ { category: "description", text: "In dnsmasq und mehreren Cisco Produkten existieren mehrere Schwachstellen aufgrund von Buffer-Overflows und fehlerhafter Eingabeprüfungen. Ein entfernter, anonymer Angreifer kann dadurch beliebigen Code im Kontext des Dienstes zur Ausführung bringen oder DNS Cache-Poisoning Angriffe durchführen.", }, ], product_status: { known_affected: [ "2070", "T003264", "67646", "T006515", "T012215", "T015127", "T015126", "T004914", "450918", "T018120", "T018121", "398363", "T007065", "T013516", "T015518", "T015516", "T013312", "T012167", "T016785", "T015211", "T016243", "T017100", "2951", "T002207", "T000126", "1727", ], }, release_date: "2021-01-18T23:00:00.000+00:00", title: "CVE-2020-25684", }, { cve: "CVE-2020-25685", notes: [ { category: "description", text: "In dnsmasq und mehreren Cisco Produkten existieren mehrere Schwachstellen aufgrund von Buffer-Overflows und fehlerhafter Eingabeprüfungen. Ein entfernter, anonymer Angreifer kann dadurch beliebigen Code im Kontext des Dienstes zur Ausführung bringen oder DNS Cache-Poisoning Angriffe durchführen.", }, ], product_status: { known_affected: [ "2070", "T003264", "67646", "T006515", "T012215", "T015127", "T015126", "T004914", "450918", "T018120", "T018121", "398363", "T007065", "T013516", "T015518", "T015516", "T013312", "T012167", "T016785", "T015211", "T016243", "T017100", "2951", "T002207", "T000126", "1727", ], }, release_date: "2021-01-18T23:00:00.000+00:00", title: "CVE-2020-25685", }, { cve: "CVE-2020-25686", notes: [ { category: "description", text: "In dnsmasq und mehreren Cisco Produkten existieren mehrere Schwachstellen aufgrund von Buffer-Overflows und fehlerhafter Eingabeprüfungen. Ein entfernter, anonymer Angreifer kann dadurch beliebigen Code im Kontext des Dienstes zur Ausführung bringen oder DNS Cache-Poisoning Angriffe durchführen.", }, ], product_status: { known_affected: [ "2070", "T003264", "67646", "T006515", "T012215", "T015127", "T015126", "T004914", "450918", "T018120", "T018121", "398363", "T007065", "T013516", "T015518", "T015516", "T013312", "T012167", "T016785", "T015211", "T016243", "T017100", "2951", "T002207", "T000126", "1727", ], }, release_date: "2021-01-18T23:00:00.000+00:00", title: "CVE-2020-25686", }, { cve: "CVE-2020-25687", notes: [ { category: "description", text: "In dnsmasq und mehreren Cisco Produkten existieren mehrere Schwachstellen aufgrund von Buffer-Overflows und fehlerhafter Eingabeprüfungen. Ein entfernter, anonymer Angreifer kann dadurch beliebigen Code im Kontext des Dienstes zur Ausführung bringen oder DNS Cache-Poisoning Angriffe durchführen.", }, ], product_status: { known_affected: [ "2070", "T003264", "67646", "T006515", "T012215", "T015127", "T015126", "T004914", "450918", "T018120", "T018121", "398363", "T007065", "T013516", "T015518", "T015516", "T013312", "T012167", "T016785", "T015211", "T016243", "T017100", "2951", "T002207", "T000126", "1727", ], }, release_date: "2021-01-18T23:00:00.000+00:00", title: "CVE-2020-25687", }, ], }
WID-SEC-W-2023-2836
Vulnerability from csaf_certbund
Published
2021-01-18 23:00
Modified
2023-11-06 23:00
Summary
dnsmasq: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Dnsmasq ist ein leichtgewichtiger DNS- und DHCP Server.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in dnsmasq und mehreren Cisco Produkten ausnutzen, um beliebigen Programmcode auszuführen und um den DNS Cache zu manipulieren.
Betroffene Betriebssysteme
- UNIX
- Linux
- CISCO Appliance
- Appliance
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Dnsmasq ist ein leichtgewichtiger DNS- und DHCP Server.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in dnsmasq und mehreren Cisco Produkten ausnutzen, um beliebigen Programmcode auszuführen und um den DNS Cache zu manipulieren.", title: "Angriff", }, { category: "general", text: "- UNIX\n- Linux\n- CISCO Appliance\n- Appliance", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2023-2836 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2023-2836.json", }, { category: "self", summary: "WID-SEC-2023-2836 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2836", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2023-12971 vom 2023-11-06", url: "https://linux.oracle.com/errata/ELSA-2023-12971.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2023-12972 vom 2023-11-06", url: "https://linux.oracle.com/errata/ELSA-2023-12972.html", }, { category: "external", summary: "Debian Security Advisory DLA-2604 vom 2021-03-22", url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00027.html", }, { category: "external", summary: "Cisco Security Advisory CISCO-SA-DNSMASQ-DNS-2021-C5MRDF3G vom 2021-01-18", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnsmasq-dns-2021-c5mrdf3g", }, { category: "external", summary: "DNSpooq Attack vom 2021-01-18", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, { category: "external", summary: "Arista Security Advisory 61 vom 2021-01-19", url: "https://www.arista.com/en/support/advisories-notices/security-advisories/12135-security-advisory-61", }, { category: "external", summary: "Ubuntu Security Notice USN-4698-1 vom 2021-01-19", url: "https://usn.ubuntu.com/4698-1", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0150 vom 2021-01-19", url: "https://access.redhat.com/errata/RHSA-2021:0150", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0151 vom 2021-01-19", url: "https://access.redhat.com/errata/RHSA-2021:0151", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0152 vom 2021-01-19", url: "https://access.redhat.com/errata/RHSA-2021:0152", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0153 vom 2021-01-19", url: "https://access.redhat.com/errata/RHSA-2021:0153", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0154 vom 2021-01-19", url: "https://access.redhat.com/errata/RHSA-2021:0154", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0155 vom 2021-01-19", url: "https://access.redhat.com/errata/RHSA-2021:0155", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0156 vom 2021-01-19", url: "https://access.redhat.com/errata/RHSA-2021:0156", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2021-0153 vom 2021-01-19", url: "http://linux.oracle.com/errata/ELSA-2021-0153.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2021-0150 vom 2021-01-20", url: "https://linux.oracle.com/errata/ELSA-2021-0150.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2021:0163-1 vom 2021-01-19", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-January/008222.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2021:14603-1 vom 2021-01-19", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-January/008224.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2021:0166-1 vom 2021-01-19", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-January/008223.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2021:0162-1 vom 2021-01-19", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-January/008225.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2021:14604-1 vom 2021-01-19", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-January/008226.html", }, { category: "external", summary: "ICS CERT Advisory ICSA-21-019-01 vom 2021-01-19", url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-019-01", }, { category: "external", summary: "Changelog dnsmasq", url: "http://www.thekelleys.org.uk/dnsmasq/CHANGELOG", }, { category: "external", summary: "Arch Linux Security Advisory ASA-202101-38 vom 2021-01-21", url: "https://security.archlinux.org/ASA-202101-38/generate", }, { category: "external", summary: "Synology Security Advisory SYNOLOGY-SA-21:01 vom 2021-01-25", url: "https://www.synology.com/en-global/support/security/Synology_SA_21_01", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0240 vom 2021-01-25", url: "https://access.redhat.com/errata/RHSA-2021:0240", }, { category: "external", summary: "Gentoo Linux Security Advisory GLSA-202101-17 vom 2021-01-25", url: "https://security.gentoo.org/glsa/202101-17", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0245 vom 2021-01-25", url: "https://access.redhat.com/errata/RHSA-2021:0245", }, { category: "external", summary: "CentOS Security Advisory CESA-2021:0153 vom 2021-01-26", url: "http://centos-announce.2309468.n4.nabble.com/CentOS-announce-CESA-2021-0153-Moderate-CentOS-7-dnsmasq-Security-Update-tp4646120.html", }, { category: "external", summary: "Zyxel security advisory for DNSpooq vom 2021-01-26", url: "https://www.zyxel.com/support/DNSpooq.shtml", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0281 vom 2021-02-03", url: "https://access.redhat.com/errata/RHSA-2021:0281", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0395 vom 2021-02-03", url: "https://access.redhat.com/errata/RHSA-2021:0395", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0401 vom 2021-02-03", url: "https://access.redhat.com/errata/RHSA-2021:0401", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2021-1587 vom 2021-02-03", url: "https://alas.aws.amazon.com/AL2/ALAS-2021-1587.html", }, { category: "external", summary: "Debian Security Advisory DSA-4844 vom 2021-02-04", url: "https://www.debian.org/security/2021/dsa-4844", }, { category: "external", summary: "Aruba Product Security Advisory", url: "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-006.txt", }, { category: "external", summary: "Ubuntu Security Notice USN-4698-2 vom 2021-02-24", url: "https://ubuntu.com/security/notices/USN-4698-2", }, { category: "external", summary: "AVAYA Security Advisory ASA-2021-006 vom 2021-03-03", url: "https://downloads.avaya.com/css/P8/documents/101074267", }, { category: "external", summary: "QNAP Security Advisory QSA-21-09 vom 2021-06-30", url: "https://www.qnap.com/de-de/security-advisory/QSA-21-09", }, ], source_lang: "en-US", title: "dnsmasq: Mehrere Schwachstellen", tracking: { current_release_date: "2023-11-06T23:00:00.000+00:00", generator: { date: "2024-08-15T18:01:09.653+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2023-2836", initial_release_date: "2021-01-18T23:00:00.000+00:00", revision_history: [ { date: "2021-01-18T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2021-01-19T23:00:00.000+00:00", number: "2", summary: "Neue Updates von Arista, Cisco, Ubuntu, Red Hat, Oracle Linux und SUSE aufgenommen", }, { date: "2021-01-20T23:00:00.000+00:00", number: "3", summary: "Neue Updates von Arch Linux aufgenommen", }, { date: "2021-01-24T23:00:00.000+00:00", number: "4", summary: "Neue Updates von Synology aufgenommen", }, { date: "2021-01-25T23:00:00.000+00:00", number: "5", summary: "Neue Updates von Red Hat und Gentoo aufgenommen", }, { date: "2021-01-26T23:00:00.000+00:00", number: "6", summary: "Neue Updates von CentOS aufgenommen", }, { date: "2021-02-02T23:00:00.000+00:00", number: "7", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2021-02-03T23:00:00.000+00:00", number: "8", summary: "Neue Updates von Red Hat und Amazon aufgenommen", }, { date: "2021-02-04T23:00:00.000+00:00", number: "9", summary: "Neue Updates von Debian aufgenommen", }, { date: "2021-02-23T23:00:00.000+00:00", number: "10", summary: "Neue Updates von Aruba aufgenommen", }, { date: "2021-02-24T23:00:00.000+00:00", number: "11", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2021-03-04T23:00:00.000+00:00", number: "12", summary: "Neue Updates von AVAYA aufgenommen", }, { date: "2021-03-22T23:00:00.000+00:00", number: "13", summary: "Neue Updates von Debian aufgenommen", }, { date: "2021-06-30T22:00:00.000+00:00", number: "14", summary: "Neue Updates von QNAP aufgenommen", }, { date: "2023-11-06T23:00:00.000+00:00", number: "15", summary: "Neue Updates von Oracle Linux aufgenommen", }, ], status: "final", version: "15", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Amazon Linux 2", product: { name: "Amazon Linux 2", product_id: "398363", product_identification_helper: { cpe: "cpe:/o:amazon:linux_2:-", }, }, }, ], category: "vendor", name: "Amazon", }, { branches: [ { category: "product_name", name: "Arista EOS", product: { name: "Arista EOS", product_id: "T007065", product_identification_helper: { cpe: "cpe:/o:arista:arista_eos:-", }, }, }, ], category: "vendor", name: "Arista", }, { branches: [ { category: "product_name", name: "Aruba ArubaOS", product: { name: "Aruba ArubaOS", product_id: "T016785", product_identification_helper: { cpe: "cpe:/o:arubanetworks:arubaos:-", }, }, }, ], category: "vendor", name: "Aruba", }, { branches: [ { category: "product_name", name: "Avaya Aura Application Enablement Services", product: { name: "Avaya Aura Application Enablement Services", product_id: "T015516", product_identification_helper: { cpe: "cpe:/a:avaya:aura_application_enablement_services:-", }, }, }, { category: "product_name", name: "Avaya Aura Communication Manager", product: { name: "Avaya Aura Communication Manager", product_id: "T015126", product_identification_helper: { cpe: "cpe:/a:avaya:communication_manager:-", }, }, }, { category: "product_name", name: "Avaya Aura Session Manager", product: { name: "Avaya Aura Session Manager", product_id: "T015127", product_identification_helper: { cpe: "cpe:/a:avaya:session_manager:-", }, }, }, { category: "product_name", name: "Avaya Aura System Manager", product: { name: "Avaya Aura System Manager", product_id: "T015518", product_identification_helper: { cpe: "cpe:/a:avaya:aura_system_manager:-", }, }, }, { category: "product_name", name: "Avaya Web License Manager", product: { name: "Avaya Web License Manager", product_id: "T016243", product_identification_helper: { cpe: "cpe:/a:avaya:web_license_manager:-", }, }, }, ], category: "vendor", name: "Avaya", }, { branches: [ { category: "product_name", name: "Cisco Aironet Access Point", product: { name: "Cisco Aironet Access Point", product_id: "T012215", product_identification_helper: { cpe: "cpe:/o:cisco:aironet_access_point_software:-", }, }, }, { category: "product_name", name: "Cisco Analog Telephone Adaptor (ATA)", product: { name: "Cisco Analog Telephone Adaptor (ATA)", product_id: "T015211", product_identification_helper: { cpe: "cpe:/h:cisco:ata:spa122", }, }, }, { category: "product_name", name: "Cisco Catalyst Access Point", product: { name: "Cisco Catalyst Access Point", product_id: "T018120", product_identification_helper: { cpe: "cpe:/h:cisco:catalyst:access_point", }, }, }, { category: "product_name", name: "Cisco IP Phone", product: { name: "Cisco IP Phone", product_id: "2070", product_identification_helper: { cpe: "cpe:/h:cisco:ip_phone:-", }, }, }, { category: "product_name", name: "Cisco Small Business", product: { name: "Cisco Small Business", product_id: "T006515", product_identification_helper: { cpe: "cpe:/h:cisco:small_business:srp520", }, }, }, { category: "product_name", name: "Cisco TelePresence Video Communication Server", product: { name: "Cisco TelePresence Video Communication Server", product_id: "T018121", product_identification_helper: { cpe: "cpe:/h:cisco:telepresence:video_communication_server", }, }, }, { category: "product_name", name: "Cisco Unified IP Phone", product: { name: "Cisco Unified IP Phone", product_id: "T003264", product_identification_helper: { cpe: "cpe:/h:cisco:unified_ip_phones:-", }, }, }, { category: "product_name", name: "Cisco WebEx Teams", product: { name: "Cisco WebEx Teams", product_id: "T013516", product_identification_helper: { cpe: "cpe:/a:cisco:webex:teams", }, }, }, ], category: "vendor", name: "Cisco", }, { branches: [ { category: "product_name", name: "Debian Linux", product: { name: "Debian Linux", product_id: "2951", product_identification_helper: { cpe: "cpe:/o:debian:debian_linux:-", }, }, }, ], category: "vendor", name: "Debian", }, { branches: [ { category: "product_name", name: "Gentoo Linux", product: { name: "Gentoo Linux", product_id: "T012167", product_identification_helper: { cpe: "cpe:/o:gentoo:linux:-", }, }, }, ], category: "vendor", name: "Gentoo", }, { branches: [ { category: "product_name", name: "Open Source Arch Linux", product: { name: "Open Source Arch Linux", product_id: "T013312", product_identification_helper: { cpe: "cpe:/o:archlinux:archlinux:-", }, }, }, { category: "product_name", name: "Open Source CentOS", product: { name: "Open Source CentOS", product_id: "1727", product_identification_helper: { cpe: "cpe:/o:centos:centos:-", }, }, }, { category: "product_name", name: "Open Source dnsmasq < 2.83", product: { name: "Open Source dnsmasq < 2.83", product_id: "T018119", product_identification_helper: { cpe: "cpe:/a:dnsmasq:dnsmasq:2.83", }, }, }, ], category: "vendor", name: "Open Source", }, { branches: [ { category: "product_name", name: "Oracle Linux", product: { name: "Oracle Linux", product_id: "T004914", product_identification_helper: { cpe: "cpe:/o:oracle:linux:-", }, }, }, ], category: "vendor", name: "Oracle", }, { branches: [ { category: "product_name", name: "QNAP NAS", product: { name: "QNAP NAS", product_id: "T017100", product_identification_helper: { cpe: "cpe:/h:qnap:nas:-", }, }, }, ], category: "vendor", name: "QNAP", }, { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux", product: { name: "Red Hat Enterprise Linux", product_id: "67646", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:-", }, }, }, ], category: "vendor", name: "Red Hat", }, { branches: [ { category: "product_name", name: "SUSE Linux", product: { name: "SUSE Linux", product_id: "T002207", product_identification_helper: { cpe: "cpe:/o:suse:suse_linux:-", }, }, }, ], category: "vendor", name: "SUSE", }, { branches: [ { category: "product_name", name: "Synology DiskStation Manager", product: { name: "Synology DiskStation Manager", product_id: "450918", product_identification_helper: { cpe: "cpe:/a:synology:diskstation_manager:-", }, }, }, ], category: "vendor", name: "Synology", }, { branches: [ { category: "product_name", name: "Ubuntu Linux", product: { name: "Ubuntu Linux", product_id: "T000126", product_identification_helper: { cpe: "cpe:/o:canonical:ubuntu_linux:-", }, }, }, ], category: "vendor", name: "Ubuntu", }, ], }, vulnerabilities: [ { cve: "CVE-2020-25681", notes: [ { category: "description", text: "In dnsmasq und mehreren Cisco Produkten existieren mehrere Schwachstellen aufgrund von Buffer-Overflows und fehlerhafter Eingabeprüfungen. Ein entfernter, anonymer Angreifer kann dadurch beliebigen Code im Kontext des Dienstes zur Ausführung bringen oder DNS Cache-Poisoning Angriffe durchführen.", }, ], product_status: { known_affected: [ "2070", "T003264", "67646", "T006515", "T012215", "T015127", "T015126", "T004914", "450918", "T018120", "T018121", "398363", "T007065", "T013516", "T015518", "T015516", "T013312", "T012167", "T016785", "T015211", "T016243", "T017100", "2951", "T002207", "T000126", "1727", ], }, release_date: "2021-01-18T23:00:00.000+00:00", title: "CVE-2020-25681", }, { cve: "CVE-2020-25682", notes: [ { category: "description", text: "In dnsmasq und mehreren Cisco Produkten existieren mehrere Schwachstellen aufgrund von Buffer-Overflows und fehlerhafter Eingabeprüfungen. Ein entfernter, anonymer Angreifer kann dadurch beliebigen Code im Kontext des Dienstes zur Ausführung bringen oder DNS Cache-Poisoning Angriffe durchführen.", }, ], product_status: { known_affected: [ "2070", "T003264", "67646", "T006515", "T012215", "T015127", "T015126", "T004914", "450918", "T018120", "T018121", "398363", "T007065", "T013516", "T015518", "T015516", "T013312", "T012167", "T016785", "T015211", "T016243", "T017100", "2951", "T002207", "T000126", "1727", ], }, release_date: "2021-01-18T23:00:00.000+00:00", title: "CVE-2020-25682", }, { cve: "CVE-2020-25683", notes: [ { category: "description", text: "In dnsmasq und mehreren Cisco Produkten existieren mehrere Schwachstellen aufgrund von Buffer-Overflows und fehlerhafter Eingabeprüfungen. Ein entfernter, anonymer Angreifer kann dadurch beliebigen Code im Kontext des Dienstes zur Ausführung bringen oder DNS Cache-Poisoning Angriffe durchführen.", }, ], product_status: { known_affected: [ "2070", "T003264", "67646", "T006515", "T012215", "T015127", "T015126", "T004914", "450918", "T018120", "T018121", "398363", "T007065", "T013516", "T015518", "T015516", "T013312", "T012167", "T016785", "T015211", "T016243", "T017100", "2951", "T002207", "T000126", "1727", ], }, release_date: "2021-01-18T23:00:00.000+00:00", title: "CVE-2020-25683", }, { cve: "CVE-2020-25684", notes: [ { category: "description", text: "In dnsmasq und mehreren Cisco Produkten existieren mehrere Schwachstellen aufgrund von Buffer-Overflows und fehlerhafter Eingabeprüfungen. Ein entfernter, anonymer Angreifer kann dadurch beliebigen Code im Kontext des Dienstes zur Ausführung bringen oder DNS Cache-Poisoning Angriffe durchführen.", }, ], product_status: { known_affected: [ "2070", "T003264", "67646", "T006515", "T012215", "T015127", "T015126", "T004914", "450918", "T018120", "T018121", "398363", "T007065", "T013516", "T015518", "T015516", "T013312", "T012167", "T016785", "T015211", "T016243", "T017100", "2951", "T002207", "T000126", "1727", ], }, release_date: "2021-01-18T23:00:00.000+00:00", title: "CVE-2020-25684", }, { cve: "CVE-2020-25685", notes: [ { category: "description", text: "In dnsmasq und mehreren Cisco Produkten existieren mehrere Schwachstellen aufgrund von Buffer-Overflows und fehlerhafter Eingabeprüfungen. Ein entfernter, anonymer Angreifer kann dadurch beliebigen Code im Kontext des Dienstes zur Ausführung bringen oder DNS Cache-Poisoning Angriffe durchführen.", }, ], product_status: { known_affected: [ "2070", "T003264", "67646", "T006515", "T012215", "T015127", "T015126", "T004914", "450918", "T018120", "T018121", "398363", "T007065", "T013516", "T015518", "T015516", "T013312", "T012167", "T016785", "T015211", "T016243", "T017100", "2951", "T002207", "T000126", "1727", ], }, release_date: "2021-01-18T23:00:00.000+00:00", title: "CVE-2020-25685", }, { cve: "CVE-2020-25686", notes: [ { category: "description", text: "In dnsmasq und mehreren Cisco Produkten existieren mehrere Schwachstellen aufgrund von Buffer-Overflows und fehlerhafter Eingabeprüfungen. Ein entfernter, anonymer Angreifer kann dadurch beliebigen Code im Kontext des Dienstes zur Ausführung bringen oder DNS Cache-Poisoning Angriffe durchführen.", }, ], product_status: { known_affected: [ "2070", "T003264", "67646", "T006515", "T012215", "T015127", "T015126", "T004914", "450918", "T018120", "T018121", "398363", "T007065", "T013516", "T015518", "T015516", "T013312", "T012167", "T016785", "T015211", "T016243", "T017100", "2951", "T002207", "T000126", "1727", ], }, release_date: "2021-01-18T23:00:00.000+00:00", title: "CVE-2020-25686", }, { cve: "CVE-2020-25687", notes: [ { category: "description", text: "In dnsmasq und mehreren Cisco Produkten existieren mehrere Schwachstellen aufgrund von Buffer-Overflows und fehlerhafter Eingabeprüfungen. Ein entfernter, anonymer Angreifer kann dadurch beliebigen Code im Kontext des Dienstes zur Ausführung bringen oder DNS Cache-Poisoning Angriffe durchführen.", }, ], product_status: { known_affected: [ "2070", "T003264", "67646", "T006515", "T012215", "T015127", "T015126", "T004914", "450918", "T018120", "T018121", "398363", "T007065", "T013516", "T015518", "T015516", "T013312", "T012167", "T016785", "T015211", "T016243", "T017100", "2951", "T002207", "T000126", "1727", ], }, release_date: "2021-01-18T23:00:00.000+00:00", title: "CVE-2020-25687", }, ], }
rhsa-2021:0395
Vulnerability from csaf_redhat
Published
2021-02-03 10:39
Modified
2024-11-15 11:45
Summary
Red Hat Security Advisory: RHV-H security, bug fix, enhancement update (redhat-virtualization-host) 4.3.13
Notes
Topic
An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.
Security Fix(es):
* sudo: Heap buffer overflow in argument parsing (CVE-2021-3156)
* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* When performing an upgrade of the Red Hat Virtualization Host using the command `yum update`, the yum repository for RHV 4.3 EUS is unreachable
As a workaround, run the following command:
`# yum update --releasever=7Server` (BZ#1899378)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.\n\nSecurity Fix(es):\n\n* sudo: Heap buffer overflow in argument parsing (CVE-2021-3156)\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* When performing an upgrade of the Red Hat Virtualization Host using the command `yum update`, the yum repository for RHV 4.3 EUS is unreachable\n\nAs a workaround, run the following command:\n`# yum update --releasever=7Server` (BZ#1899378)", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0395", url: "https://access.redhat.com/errata/RHSA-2021:0395", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-002", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-002", }, { category: "external", summary: "1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "1899378", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1899378", }, { category: "external", summary: "1916111", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1916111", }, { category: "external", summary: "1917684", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1917684", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0395.json", }, ], title: "Red Hat Security Advisory: RHV-H security, bug fix, enhancement update (redhat-virtualization-host) 4.3.13", tracking: { current_release_date: "2024-11-15T11:45:51+00:00", generator: { date: "2024-11-15T11:45:51+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0395", initial_release_date: "2021-02-03T10:39:04+00:00", revision_history: [ { date: "2021-02-03T10:39:04+00:00", number: "1", summary: "Initial version", }, { date: "2021-02-03T10:39:04+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T11:45:51+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product: { name: "Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::hypervisor", }, }, }, { category: "product_name", name: "RHEL 7-based RHEV-H for RHEV 4 (build requirements)", product: { name: "RHEL 7-based RHEV-H for RHEV 4 (build requirements)", product_id: "7Server-RHEV-4-HypervisorBuild-7", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::hypervisor", }, }, }, { category: "product_name", name: "Red Hat Virtualization 4 Hypervisor for RHEL 7", product: { name: "Red Hat Virtualization 4 Hypervisor for RHEL 7", product_id: "7Server-RHEV-4-Hypervisor-7", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::hypervisor", }, }, }, ], category: "product_family", name: "Red Hat Virtualization", }, { branches: [ { category: "product_version", name: "vdsm-0:4.30.51-1.el7ev.src", product: { name: "vdsm-0:4.30.51-1.el7ev.src", product_id: "vdsm-0:4.30.51-1.el7ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm@4.30.51-1.el7ev?arch=src", }, }, }, { category: "product_version", name: "redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", product: { name: "redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", product_id: "redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/redhat-release-virtualization-host@4.3.13-2.el7ev?arch=src", }, }, }, { category: "product_version", name: "redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", product: { name: "redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", product_id: "redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", product_identification_helper: { purl: "pkg:rpm/redhat/redhat-virtualization-host@4.3.13-20210127.0.el7_9?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "vdsm-0:4.30.51-1.el7ev.x86_64", product: { name: "vdsm-0:4.30.51-1.el7ev.x86_64", product_id: "vdsm-0:4.30.51-1.el7ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm@4.30.51-1.el7ev?arch=x86_64", }, }, }, { category: "product_version", name: "vdsm-gluster-0:4.30.51-1.el7ev.x86_64", product: { name: "vdsm-gluster-0:4.30.51-1.el7ev.x86_64", product_id: "vdsm-gluster-0:4.30.51-1.el7ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-gluster@4.30.51-1.el7ev?arch=x86_64", }, }, }, { category: "product_version", name: "vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", product: { name: "vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", product_id: "vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-checkips@4.30.51-1.el7ev?arch=x86_64", }, }, }, { category: "product_version", name: "vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", product: { name: "vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", product_id: "vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-extra-ipv4-addrs@4.30.51-1.el7ev?arch=x86_64", }, }, }, { category: "product_version", name: "vdsm-network-0:4.30.51-1.el7ev.x86_64", product: { name: "vdsm-network-0:4.30.51-1.el7ev.x86_64", product_id: "vdsm-network-0:4.30.51-1.el7ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-network@4.30.51-1.el7ev?arch=x86_64", }, }, }, { category: "product_version", name: "redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", product: { name: "redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", product_id: "redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/redhat-release-virtualization-host@4.3.13-2.el7ev?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "vdsm-0:4.30.51-1.el7ev.ppc64le", product: { name: "vdsm-0:4.30.51-1.el7ev.ppc64le", product_id: "vdsm-0:4.30.51-1.el7ev.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm@4.30.51-1.el7ev?arch=ppc64le", }, }, }, { category: "product_version", name: "vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", product: { name: "vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", product_id: "vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-gluster@4.30.51-1.el7ev?arch=ppc64le", }, }, }, { category: "product_version", name: "vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", product: { name: "vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", product_id: "vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-checkips@4.30.51-1.el7ev?arch=ppc64le", }, }, }, { category: "product_version", name: "vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", product: { name: "vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", product_id: "vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-extra-ipv4-addrs@4.30.51-1.el7ev?arch=ppc64le", }, }, }, { category: "product_version", name: "vdsm-network-0:4.30.51-1.el7ev.ppc64le", product: { name: "vdsm-network-0:4.30.51-1.el7ev.ppc64le", product_id: "vdsm-network-0:4.30.51-1.el7ev.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-network@4.30.51-1.el7ev?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "vdsm-api-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-api-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-api-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-api@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-client-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-client-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-client-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-client@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-common-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-common-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-common-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-common@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-cpuflags@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-ethtool-options@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-fcoe@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-localdisk@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-macspoof@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-nestedvt@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-openstacknet@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-vhostmd@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-vmfex-dev@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-http-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-http-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-http-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-http@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-jsonrpc@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-python-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-python-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-python-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-python@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-yajsonrpc@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", product: { name: "redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", product_id: "redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/redhat-virtualization-host-image-update-placeholder@4.3.13-2.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", product: { name: "redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", product_id: "redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/redhat-virtualization-host-image-update@4.3.13-20210127.0.el7_9?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "vdsm-0:4.30.51-1.el7ev.ppc64le as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", }, product_reference: "vdsm-0:4.30.51-1.el7ev.ppc64le", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-0:4.30.51-1.el7ev.src as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", }, product_reference: "vdsm-0:4.30.51-1.el7ev.src", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-0:4.30.51-1.el7ev.x86_64 as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", }, product_reference: "vdsm-0:4.30.51-1.el7ev.x86_64", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-api-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-api-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-client-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-client-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-common-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-common-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-gluster-0:4.30.51-1.el7ev.ppc64le as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", }, product_reference: "vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-gluster-0:4.30.51-1.el7ev.x86_64 as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", }, product_reference: "vdsm-gluster-0:4.30.51-1.el7ev.x86_64", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", }, product_reference: "vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64 as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", }, product_reference: "vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", }, product_reference: "vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64 as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", }, product_reference: "vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-http-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-http-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-network-0:4.30.51-1.el7ev.ppc64le as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", }, product_reference: "vdsm-network-0:4.30.51-1.el7ev.ppc64le", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-network-0:4.30.51-1.el7ev.x86_64 as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", }, product_reference: "vdsm-network-0:4.30.51-1.el7ev.x86_64", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-python-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-python-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src as a component of Red Hat Virtualization 4 Hypervisor for RHEL 7", product_id: "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", }, product_reference: "redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", relates_to_product_reference: "7Server-RHEV-4-Hypervisor-7", }, { category: "default_component_of", full_product_name: { name: "redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch as a component of Red Hat Virtualization 4 Hypervisor for RHEL 7", product_id: "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", }, product_reference: "redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", relates_to_product_reference: "7Server-RHEV-4-Hypervisor-7", }, { category: "default_component_of", full_product_name: { name: "redhat-release-virtualization-host-0:4.3.13-2.el7ev.src as a component of RHEL 7-based RHEV-H for RHEV 4 (build requirements)", product_id: "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", }, product_reference: "redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", relates_to_product_reference: "7Server-RHEV-4-HypervisorBuild-7", }, { category: "default_component_of", full_product_name: { name: "redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64 as a component of RHEL 7-based RHEV-H for RHEV 4 (build requirements)", product_id: "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", }, product_reference: "redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", relates_to_product_reference: "7Server-RHEV-4-HypervisorBuild-7", }, { category: "default_component_of", full_product_name: { name: "redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src as a component of RHEL 7-based RHEV-H for RHEV 4 (build requirements)", product_id: "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", }, product_reference: "redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", relates_to_product_reference: "7Server-RHEV-4-HypervisorBuild-7", }, { category: "default_component_of", full_product_name: { name: "redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch as a component of RHEL 7-based RHEV-H for RHEV 4 (build requirements)", product_id: "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", }, product_reference: "redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", relates_to_product_reference: "7Server-RHEV-4-HypervisorBuild-7", }, { category: "default_component_of", full_product_name: { name: "redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch as a component of RHEL 7-based RHEV-H for RHEV 4 (build requirements)", product_id: "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", }, product_reference: "redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-HypervisorBuild-7", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25684", cwe: { id: "CWE-358", name: "Improperly Implemented Security Check for Standard", }, discovery_date: "2020-09-03T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889686", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], known_not_affected: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "RHBZ#1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25684", url: "https://www.cve.org/CVERecord?id=CVE-2020-25684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-03T10:39:04+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0395", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default).\n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25685", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, discovery_date: "2020-09-03T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889688", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], known_not_affected: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "RHBZ#1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25685", url: "https://www.cve.org/CVERecord?id=CVE-2020-25685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-03T10:39:04+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0395", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25686", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, discovery_date: "2020-09-03T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1890125", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], known_not_affected: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "RHBZ#1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25686", url: "https://www.cve.org/CVERecord?id=CVE-2020-25686", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-03T10:39:04+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0395", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", }, { cve: "CVE-2021-3156", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2021-01-19T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1917684", }, ], notes: [ { category: "description", text: "A flaw was found in sudo. A heap-based buffer overflow was found in the way sudo parses command line arguments. This flaw is exploitable by any local user who can execute the sudo command (by default, any local user can execute sudo) without authentication. Successful exploitation of this flaw could lead to privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "sudo: Heap buffer overflow in argument parsing", title: "Vulnerability summary", }, { category: "other", text: "This flaw does not affect the versions of sudo shipped with Red Hat Enterprise Linux 5, because the vulnerable code was not present in these versions.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], known_not_affected: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-3156", }, { category: "external", summary: "RHBZ#1917684", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1917684", }, { category: "external", summary: "RHSB-2021-002", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-002", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-3156", url: "https://www.cve.org/CVERecord?id=CVE-2021-3156", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-3156", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-3156", }, { category: "external", summary: "https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt", url: "https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt", }, { category: "external", summary: "https://www.sudo.ws/alerts/unescape_overflow.html", url: "https://www.sudo.ws/alerts/unescape_overflow.html", }, { category: "external", summary: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, ], release_date: "2021-01-26T18:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-03T10:39:04+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0395", }, { category: "workaround", details: "Red Hat Product Security strongly recommends customers to update to fixed sudo packages once they are available. For customers who cannot update immediately, the following interim partial mitigation using systemtap is suggested:\n\n1. Install required systemtap packages and dependencies: \n```\nsystemtap yum-utils kernel-devel-\"$(uname -r)\"\n```\n\nThen for RHEL 7 install kernel debuginfo, using:\n```\ndebuginfo-install -y kernel-\"$(uname -r)\" \n```\nThen for RHEL 8 & 6 install sudo debuginfo, using:\n```\ndebuginfo-install sudo\n```\n \n2. Create the following systemtap script: (call the file as sudoedit-block.stap)\n```\nprobe process(\"/usr/bin/sudo\").function(\"main\") {\n command = cmdline_args(0,0,\"\");\n if (isinstr(command, \"edit\")) {\n raise(9);\n }\n}\n```\n3. Install the script using the following command: (using root)\n```\n# nohup stap -g sudoedit-block.stap &\n```\n(This should output the PID number of the systemtap script)\n\nThis script will cause the vulnerable sudoedit binary to stop working. The sudo command will still work as usual.\nThe above change does not persist across reboots and must be applied after each reboot.\n\nPlease consult How to make a systemtap kernel module load persistently across reboots? (https://access.redhat.com/solutions/5752521) to learn how to\nturn this into a service managed by initd. \n\n4. Once the new fixed packages are installed, the systemtap script can be removed by killing the systemtap process. For example, by using:\n```\n# kill -s SIGTERM 7590\n```\n(where 7590 is the PID of the systemtap process)", product_ids: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], }, ], threats: [ { category: "exploit_status", date: "2022-04-06T00:00:00+00:00", details: "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { category: "impact", details: "Important", }, ], title: "sudo: Heap buffer overflow in argument parsing", }, ], }
rhsa-2021:0150
Vulnerability from csaf_redhat
Published
2021-01-19 15:06
Modified
2025-03-19 15:39
Summary
Red Hat Security Advisory: dnsmasq security update
Notes
Topic
An update for dnsmasq is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.
Security Fix(es):
* dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled (CVE-2020-25681)
* dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled (CVE-2020-25682)
* dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled (CVE-2020-25683)
* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
* dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled (CVE-2020-25687)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for dnsmasq is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.\n\nSecurity Fix(es):\n\n* dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled (CVE-2020-25681)\n\n* dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled (CVE-2020-25682)\n\n* dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled (CVE-2020-25683)\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\n* dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled (CVE-2020-25687)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0150", url: "https://access.redhat.com/errata/RHSA-2021:0150", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "1881875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1881875", }, { category: "external", summary: "1882014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882014", }, { category: "external", summary: "1882018", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882018", }, { category: "external", summary: "1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "1891568", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891568", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0150.json", }, ], title: "Red Hat Security Advisory: dnsmasq security update", tracking: { current_release_date: "2025-03-19T15:39:27+00:00", generator: { date: "2025-03-19T15:39:27+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2021:0150", initial_release_date: "2021-01-19T15:06:28+00:00", revision_history: [ { date: "2021-01-19T15:06:28+00:00", number: "1", summary: "Initial version", }, { date: "2021-01-19T15:06:28+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-19T15:39:27+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream (v. 8)", product: { name: "Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:8::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-13.el8_3.1.src", product: { name: "dnsmasq-0:2.79-13.el8_3.1.src", product_id: "dnsmasq-0:2.79-13.el8_3.1.src", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-13.el8_3.1?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-13.el8_3.1.aarch64", product: { name: "dnsmasq-0:2.79-13.el8_3.1.aarch64", product_id: "dnsmasq-0:2.79-13.el8_3.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-13.el8_3.1?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", product: { name: "dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", product_id: "dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-13.el8_3.1?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", product: { name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", product_id: "dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-13.el8_3.1?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", product: { name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", product_id: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-13.el8_3.1?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", product: { name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", product_id: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-13.el8_3.1?arch=aarch64", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-13.el8_3.1.ppc64le", product: { name: "dnsmasq-0:2.79-13.el8_3.1.ppc64le", product_id: "dnsmasq-0:2.79-13.el8_3.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-13.el8_3.1?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", product: { name: "dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", product_id: "dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-13.el8_3.1?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", product: { name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", product_id: "dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-13.el8_3.1?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", product: { name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", product_id: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-13.el8_3.1?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", product: { name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", product_id: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-13.el8_3.1?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-13.el8_3.1.x86_64", product: { name: "dnsmasq-0:2.79-13.el8_3.1.x86_64", product_id: "dnsmasq-0:2.79-13.el8_3.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-13.el8_3.1?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", product: { name: "dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", product_id: "dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-13.el8_3.1?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", product: { name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", product_id: "dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-13.el8_3.1?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", product: { name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", product_id: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-13.el8_3.1?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", product: { name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", product_id: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-13.el8_3.1?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-13.el8_3.1.s390x", product: { name: "dnsmasq-0:2.79-13.el8_3.1.s390x", product_id: "dnsmasq-0:2.79-13.el8_3.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-13.el8_3.1?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-13.el8_3.1.s390x", product: { name: "dnsmasq-utils-0:2.79-13.el8_3.1.s390x", product_id: "dnsmasq-utils-0:2.79-13.el8_3.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-13.el8_3.1?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", product: { name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", product_id: "dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-13.el8_3.1?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", product: { name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", product_id: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-13.el8_3.1?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", product: { name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", product_id: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-13.el8_3.1?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-13.el8_3.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", }, product_reference: "dnsmasq-0:2.79-13.el8_3.1.aarch64", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-13.el8_3.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", }, product_reference: "dnsmasq-0:2.79-13.el8_3.1.ppc64le", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-13.el8_3.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", }, product_reference: "dnsmasq-0:2.79-13.el8_3.1.s390x", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-13.el8_3.1.src as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", }, product_reference: "dnsmasq-0:2.79-13.el8_3.1.src", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-13.el8_3.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", }, product_reference: "dnsmasq-0:2.79-13.el8_3.1.x86_64", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", }, product_reference: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", }, product_reference: "dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", }, product_reference: "dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", }, product_reference: "dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", }, product_reference: "dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-13.el8_3.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", }, product_reference: "dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", }, product_reference: "dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-13.el8_3.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", }, product_reference: "dnsmasq-utils-0:2.79-13.el8_3.1.s390x", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-13.el8_3.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", }, product_reference: "dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25681", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1881875", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to cause a buffer overflow with arbitrary data in a heap memory segment, possibly executing code on the machine. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25681", }, { category: "external", summary: "RHBZ#1881875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1881875", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25681", url: "https://www.cve.org/CVERecord?id=CVE-2020-25681", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25681", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25681", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T15:06:28+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0150", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25682", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1882014", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A buffer overflow vulnerability was discovered in the way dnsmasq extract names from DNS packets before validating them with DNSSEC data. An attacker on the network, who can create valid DNS replies, could use this flaw to cause an overflow with arbitrary data in a heap-allocated memory, possibly executing code on the machine. The flaw is in the rfc1035.c:extract_name() function, which writes data to the memory pointed by name assuming MAXDNAME*2 bytes are available in the buffer. However, in some code execution paths, it is possible extract_name() gets passed an offset from the base buffer, thus reducing, in practice, the number of available bytes that can be written in the buffer. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25682", }, { category: "external", summary: "RHBZ#1882014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882014", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25682", url: "https://www.cve.org/CVERecord?id=CVE-2020-25682", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25682", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25682", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T15:06:28+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0150", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25683", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1882018", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in get_rdata() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25683", }, { category: "external", summary: "RHBZ#1882018", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882018", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25683", url: "https://www.cve.org/CVERecord?id=CVE-2020-25683", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25683", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25683", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T15:06:28+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0150", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25684", cwe: { id: "CWE-358", name: "Improperly Implemented Security Check for Standard", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889686", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "RHBZ#1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25684", url: "https://www.cve.org/CVERecord?id=CVE-2020-25684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T15:06:28+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0150", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default).\n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25685", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889688", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "RHBZ#1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25685", url: "https://www.cve.org/CVERecord?id=CVE-2020-25685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T15:06:28+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0150", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25686", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1890125", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "RHBZ#1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25686", url: "https://www.cve.org/CVERecord?id=CVE-2020-25686", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T15:06:28+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0150", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25687", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1891568", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. This flaw allows a remote attacker, who can create valid DNS replies, to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in sort_rrset() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25687", }, { category: "external", summary: "RHBZ#1891568", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891568", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25687", url: "https://www.cve.org/CVERecord?id=CVE-2020-25687", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25687", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25687", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T15:06:28+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0150", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled", }, ], }
rhsa-2021_0151
Vulnerability from csaf_redhat
Published
2021-01-19 13:37
Modified
2024-11-22 16:15
Summary
Red Hat Security Advisory: dnsmasq security update
Notes
Topic
An update for dnsmasq is now available for Red Hat Enterprise Linux 8.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.
Security Fix(es):
* dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled (CVE-2020-25681)
* dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled (CVE-2020-25682)
* dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled (CVE-2020-25683)
* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
* dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled (CVE-2020-25687)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for dnsmasq is now available for Red Hat Enterprise Linux 8.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.\n\nSecurity Fix(es):\n\n* dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled (CVE-2020-25681)\n\n* dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled (CVE-2020-25682)\n\n* dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled (CVE-2020-25683)\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\n* dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled (CVE-2020-25687)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0151", url: "https://access.redhat.com/errata/RHSA-2021:0151", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "1881875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1881875", }, { category: "external", summary: "1882014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882014", }, { category: "external", summary: "1882018", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882018", }, { category: "external", summary: "1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "1891568", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891568", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0151.json", }, ], title: "Red Hat Security Advisory: dnsmasq security update", tracking: { current_release_date: "2024-11-22T16:15:03+00:00", generator: { date: "2024-11-22T16:15:03+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0151", initial_release_date: "2021-01-19T13:37:11+00:00", revision_history: [ { date: "2021-01-19T13:37:11+00:00", number: "1", summary: "Initial version", }, { date: "2021-01-19T13:37:11+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T16:15:03+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product: { name: "Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_eus:8.2::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-11.el8_2.2.src", product: { name: "dnsmasq-0:2.79-11.el8_2.2.src", product_id: "dnsmasq-0:2.79-11.el8_2.2.src", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-11.el8_2.2?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-11.el8_2.2.aarch64", product: { name: "dnsmasq-0:2.79-11.el8_2.2.aarch64", product_id: "dnsmasq-0:2.79-11.el8_2.2.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-11.el8_2.2?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", product: { name: "dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", product_id: "dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-11.el8_2.2?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", product: { name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", product_id: "dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-11.el8_2.2?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", product: { name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", product_id: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-11.el8_2.2?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", product: { name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", product_id: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-11.el8_2.2?arch=aarch64", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-11.el8_2.2.ppc64le", product: { name: "dnsmasq-0:2.79-11.el8_2.2.ppc64le", product_id: "dnsmasq-0:2.79-11.el8_2.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-11.el8_2.2?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", product: { name: "dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", product_id: "dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-11.el8_2.2?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", product: { name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", product_id: "dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-11.el8_2.2?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", product: { name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", product_id: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-11.el8_2.2?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", product: { name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", product_id: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-11.el8_2.2?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-11.el8_2.2.x86_64", product: { name: "dnsmasq-0:2.79-11.el8_2.2.x86_64", product_id: "dnsmasq-0:2.79-11.el8_2.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-11.el8_2.2?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", product: { name: "dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", product_id: "dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-11.el8_2.2?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", product: { name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", product_id: "dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-11.el8_2.2?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", product: { name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", product_id: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-11.el8_2.2?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", product: { name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", product_id: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-11.el8_2.2?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-11.el8_2.2.s390x", product: { name: "dnsmasq-0:2.79-11.el8_2.2.s390x", product_id: "dnsmasq-0:2.79-11.el8_2.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-11.el8_2.2?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-11.el8_2.2.s390x", product: { name: "dnsmasq-utils-0:2.79-11.el8_2.2.s390x", product_id: "dnsmasq-utils-0:2.79-11.el8_2.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-11.el8_2.2?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", product: { name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", product_id: "dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-11.el8_2.2?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", product: { name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", product_id: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-11.el8_2.2?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", product: { name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", product_id: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-11.el8_2.2?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-11.el8_2.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", }, product_reference: "dnsmasq-0:2.79-11.el8_2.2.aarch64", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-11.el8_2.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", }, product_reference: "dnsmasq-0:2.79-11.el8_2.2.ppc64le", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-11.el8_2.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", }, product_reference: "dnsmasq-0:2.79-11.el8_2.2.s390x", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-11.el8_2.2.src as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", }, product_reference: "dnsmasq-0:2.79-11.el8_2.2.src", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-11.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", }, product_reference: "dnsmasq-0:2.79-11.el8_2.2.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", }, product_reference: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", }, product_reference: "dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", }, product_reference: "dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", }, product_reference: "dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", }, product_reference: "dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-11.el8_2.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", }, product_reference: "dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", }, product_reference: "dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-11.el8_2.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", }, product_reference: "dnsmasq-utils-0:2.79-11.el8_2.2.s390x", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-11.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", }, product_reference: "dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25681", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1881875", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to cause a buffer overflow with arbitrary data in a heap memory segment, possibly executing code on the machine. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25681", }, { category: "external", summary: "RHBZ#1881875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1881875", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25681", url: "https://www.cve.org/CVERecord?id=CVE-2020-25681", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25681", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25681", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:37:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0151", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25682", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1882014", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A buffer overflow vulnerability was discovered in the way dnsmasq extract names from DNS packets before validating them with DNSSEC data. An attacker on the network, who can create valid DNS replies, could use this flaw to cause an overflow with arbitrary data in a heap-allocated memory, possibly executing code on the machine. The flaw is in the rfc1035.c:extract_name() function, which writes data to the memory pointed by name assuming MAXDNAME*2 bytes are available in the buffer. However, in some code execution paths, it is possible extract_name() gets passed an offset from the base buffer, thus reducing, in practice, the number of available bytes that can be written in the buffer. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25682", }, { category: "external", summary: "RHBZ#1882014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882014", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25682", url: "https://www.cve.org/CVERecord?id=CVE-2020-25682", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25682", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25682", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:37:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0151", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25683", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1882018", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in get_rdata() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25683", }, { category: "external", summary: "RHBZ#1882018", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882018", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25683", url: "https://www.cve.org/CVERecord?id=CVE-2020-25683", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25683", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25683", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:37:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0151", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25684", cwe: { id: "CWE-358", name: "Improperly Implemented Security Check for Standard", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889686", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "RHBZ#1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25684", url: "https://www.cve.org/CVERecord?id=CVE-2020-25684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:37:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0151", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default).\n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25685", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889688", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "RHBZ#1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25685", url: "https://www.cve.org/CVERecord?id=CVE-2020-25685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:37:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0151", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25686", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1890125", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "RHBZ#1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25686", url: "https://www.cve.org/CVERecord?id=CVE-2020-25686", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:37:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0151", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25687", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1891568", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. This flaw allows a remote attacker, who can create valid DNS replies, to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in sort_rrset() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25687", }, { category: "external", summary: "RHBZ#1891568", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891568", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25687", url: "https://www.cve.org/CVERecord?id=CVE-2020-25687", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25687", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25687", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:37:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0151", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled", }, ], }
RHSA-2021:0151
Vulnerability from csaf_redhat
Published
2021-01-19 13:37
Modified
2024-11-22 16:15
Summary
Red Hat Security Advisory: dnsmasq security update
Notes
Topic
An update for dnsmasq is now available for Red Hat Enterprise Linux 8.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.
Security Fix(es):
* dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled (CVE-2020-25681)
* dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled (CVE-2020-25682)
* dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled (CVE-2020-25683)
* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
* dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled (CVE-2020-25687)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for dnsmasq is now available for Red Hat Enterprise Linux 8.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.\n\nSecurity Fix(es):\n\n* dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled (CVE-2020-25681)\n\n* dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled (CVE-2020-25682)\n\n* dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled (CVE-2020-25683)\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\n* dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled (CVE-2020-25687)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0151", url: "https://access.redhat.com/errata/RHSA-2021:0151", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "1881875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1881875", }, { category: "external", summary: "1882014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882014", }, { category: "external", summary: "1882018", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882018", }, { category: "external", summary: "1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "1891568", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891568", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0151.json", }, ], title: "Red Hat Security Advisory: dnsmasq security update", tracking: { current_release_date: "2024-11-22T16:15:03+00:00", generator: { date: "2024-11-22T16:15:03+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0151", initial_release_date: "2021-01-19T13:37:11+00:00", revision_history: [ { date: "2021-01-19T13:37:11+00:00", number: "1", summary: "Initial version", }, { date: "2021-01-19T13:37:11+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T16:15:03+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product: { name: "Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_eus:8.2::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-11.el8_2.2.src", product: { name: "dnsmasq-0:2.79-11.el8_2.2.src", product_id: "dnsmasq-0:2.79-11.el8_2.2.src", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-11.el8_2.2?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-11.el8_2.2.aarch64", product: { name: "dnsmasq-0:2.79-11.el8_2.2.aarch64", product_id: "dnsmasq-0:2.79-11.el8_2.2.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-11.el8_2.2?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", product: { name: "dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", product_id: "dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-11.el8_2.2?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", product: { name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", product_id: "dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-11.el8_2.2?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", product: { name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", product_id: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-11.el8_2.2?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", product: { name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", product_id: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-11.el8_2.2?arch=aarch64", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-11.el8_2.2.ppc64le", product: { name: "dnsmasq-0:2.79-11.el8_2.2.ppc64le", product_id: "dnsmasq-0:2.79-11.el8_2.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-11.el8_2.2?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", product: { name: "dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", product_id: "dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-11.el8_2.2?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", product: { name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", product_id: "dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-11.el8_2.2?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", product: { name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", product_id: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-11.el8_2.2?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", product: { name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", product_id: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-11.el8_2.2?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-11.el8_2.2.x86_64", product: { name: "dnsmasq-0:2.79-11.el8_2.2.x86_64", product_id: "dnsmasq-0:2.79-11.el8_2.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-11.el8_2.2?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", product: { name: "dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", product_id: "dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-11.el8_2.2?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", product: { name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", product_id: "dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-11.el8_2.2?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", product: { name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", product_id: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-11.el8_2.2?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", product: { name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", product_id: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-11.el8_2.2?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-11.el8_2.2.s390x", product: { name: "dnsmasq-0:2.79-11.el8_2.2.s390x", product_id: "dnsmasq-0:2.79-11.el8_2.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-11.el8_2.2?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-11.el8_2.2.s390x", product: { name: "dnsmasq-utils-0:2.79-11.el8_2.2.s390x", product_id: "dnsmasq-utils-0:2.79-11.el8_2.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-11.el8_2.2?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", product: { name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", product_id: "dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-11.el8_2.2?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", product: { name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", product_id: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-11.el8_2.2?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", product: { name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", product_id: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-11.el8_2.2?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-11.el8_2.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", }, product_reference: "dnsmasq-0:2.79-11.el8_2.2.aarch64", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-11.el8_2.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", }, product_reference: "dnsmasq-0:2.79-11.el8_2.2.ppc64le", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-11.el8_2.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", }, product_reference: "dnsmasq-0:2.79-11.el8_2.2.s390x", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-11.el8_2.2.src as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", }, product_reference: "dnsmasq-0:2.79-11.el8_2.2.src", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-11.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", }, product_reference: "dnsmasq-0:2.79-11.el8_2.2.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", }, product_reference: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", }, product_reference: "dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", }, product_reference: "dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", }, product_reference: "dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", }, product_reference: "dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-11.el8_2.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", }, product_reference: "dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", }, product_reference: "dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-11.el8_2.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", }, product_reference: "dnsmasq-utils-0:2.79-11.el8_2.2.s390x", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-11.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", }, product_reference: "dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25681", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1881875", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to cause a buffer overflow with arbitrary data in a heap memory segment, possibly executing code on the machine. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25681", }, { category: "external", summary: "RHBZ#1881875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1881875", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25681", url: "https://www.cve.org/CVERecord?id=CVE-2020-25681", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25681", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25681", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:37:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0151", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25682", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1882014", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A buffer overflow vulnerability was discovered in the way dnsmasq extract names from DNS packets before validating them with DNSSEC data. An attacker on the network, who can create valid DNS replies, could use this flaw to cause an overflow with arbitrary data in a heap-allocated memory, possibly executing code on the machine. The flaw is in the rfc1035.c:extract_name() function, which writes data to the memory pointed by name assuming MAXDNAME*2 bytes are available in the buffer. However, in some code execution paths, it is possible extract_name() gets passed an offset from the base buffer, thus reducing, in practice, the number of available bytes that can be written in the buffer. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25682", }, { category: "external", summary: "RHBZ#1882014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882014", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25682", url: "https://www.cve.org/CVERecord?id=CVE-2020-25682", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25682", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25682", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:37:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0151", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25683", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1882018", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in get_rdata() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25683", }, { category: "external", summary: "RHBZ#1882018", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882018", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25683", url: "https://www.cve.org/CVERecord?id=CVE-2020-25683", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25683", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25683", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:37:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0151", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25684", cwe: { id: "CWE-358", name: "Improperly Implemented Security Check for Standard", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889686", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "RHBZ#1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25684", url: "https://www.cve.org/CVERecord?id=CVE-2020-25684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:37:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0151", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default).\n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25685", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889688", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "RHBZ#1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25685", url: "https://www.cve.org/CVERecord?id=CVE-2020-25685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:37:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0151", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25686", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1890125", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "RHBZ#1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25686", url: "https://www.cve.org/CVERecord?id=CVE-2020-25686", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:37:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0151", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25687", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1891568", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. This flaw allows a remote attacker, who can create valid DNS replies, to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in sort_rrset() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25687", }, { category: "external", summary: "RHBZ#1891568", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891568", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25687", url: "https://www.cve.org/CVERecord?id=CVE-2020-25687", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25687", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25687", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:37:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0151", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled", }, ], }
RHSA-2021:0395
Vulnerability from csaf_redhat
Published
2021-02-03 10:39
Modified
2024-11-15 11:45
Summary
Red Hat Security Advisory: RHV-H security, bug fix, enhancement update (redhat-virtualization-host) 4.3.13
Notes
Topic
An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.
Security Fix(es):
* sudo: Heap buffer overflow in argument parsing (CVE-2021-3156)
* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* When performing an upgrade of the Red Hat Virtualization Host using the command `yum update`, the yum repository for RHV 4.3 EUS is unreachable
As a workaround, run the following command:
`# yum update --releasever=7Server` (BZ#1899378)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.\n\nSecurity Fix(es):\n\n* sudo: Heap buffer overflow in argument parsing (CVE-2021-3156)\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* When performing an upgrade of the Red Hat Virtualization Host using the command `yum update`, the yum repository for RHV 4.3 EUS is unreachable\n\nAs a workaround, run the following command:\n`# yum update --releasever=7Server` (BZ#1899378)", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0395", url: "https://access.redhat.com/errata/RHSA-2021:0395", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-002", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-002", }, { category: "external", summary: "1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "1899378", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1899378", }, { category: "external", summary: "1916111", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1916111", }, { category: "external", summary: "1917684", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1917684", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0395.json", }, ], title: "Red Hat Security Advisory: RHV-H security, bug fix, enhancement update (redhat-virtualization-host) 4.3.13", tracking: { current_release_date: "2024-11-15T11:45:51+00:00", generator: { date: "2024-11-15T11:45:51+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0395", initial_release_date: "2021-02-03T10:39:04+00:00", revision_history: [ { date: "2021-02-03T10:39:04+00:00", number: "1", summary: "Initial version", }, { date: "2021-02-03T10:39:04+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T11:45:51+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product: { name: "Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::hypervisor", }, }, }, { category: "product_name", name: "RHEL 7-based RHEV-H for RHEV 4 (build requirements)", product: { name: "RHEL 7-based RHEV-H for RHEV 4 (build requirements)", product_id: "7Server-RHEV-4-HypervisorBuild-7", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::hypervisor", }, }, }, { category: "product_name", name: "Red Hat Virtualization 4 Hypervisor for RHEL 7", product: { name: "Red Hat Virtualization 4 Hypervisor for RHEL 7", product_id: "7Server-RHEV-4-Hypervisor-7", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::hypervisor", }, }, }, ], category: "product_family", name: "Red Hat Virtualization", }, { branches: [ { category: "product_version", name: "vdsm-0:4.30.51-1.el7ev.src", product: { name: "vdsm-0:4.30.51-1.el7ev.src", product_id: "vdsm-0:4.30.51-1.el7ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm@4.30.51-1.el7ev?arch=src", }, }, }, { category: "product_version", name: "redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", product: { name: "redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", product_id: "redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/redhat-release-virtualization-host@4.3.13-2.el7ev?arch=src", }, }, }, { category: "product_version", name: "redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", product: { name: "redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", product_id: "redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", product_identification_helper: { purl: "pkg:rpm/redhat/redhat-virtualization-host@4.3.13-20210127.0.el7_9?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "vdsm-0:4.30.51-1.el7ev.x86_64", product: { name: "vdsm-0:4.30.51-1.el7ev.x86_64", product_id: "vdsm-0:4.30.51-1.el7ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm@4.30.51-1.el7ev?arch=x86_64", }, }, }, { category: "product_version", name: "vdsm-gluster-0:4.30.51-1.el7ev.x86_64", product: { name: "vdsm-gluster-0:4.30.51-1.el7ev.x86_64", product_id: "vdsm-gluster-0:4.30.51-1.el7ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-gluster@4.30.51-1.el7ev?arch=x86_64", }, }, }, { category: "product_version", name: "vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", product: { name: "vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", product_id: "vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-checkips@4.30.51-1.el7ev?arch=x86_64", }, }, }, { category: "product_version", name: "vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", product: { name: "vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", product_id: "vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-extra-ipv4-addrs@4.30.51-1.el7ev?arch=x86_64", }, }, }, { category: "product_version", name: "vdsm-network-0:4.30.51-1.el7ev.x86_64", product: { name: "vdsm-network-0:4.30.51-1.el7ev.x86_64", product_id: "vdsm-network-0:4.30.51-1.el7ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-network@4.30.51-1.el7ev?arch=x86_64", }, }, }, { category: "product_version", name: "redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", product: { name: "redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", product_id: "redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/redhat-release-virtualization-host@4.3.13-2.el7ev?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "vdsm-0:4.30.51-1.el7ev.ppc64le", product: { name: "vdsm-0:4.30.51-1.el7ev.ppc64le", product_id: "vdsm-0:4.30.51-1.el7ev.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm@4.30.51-1.el7ev?arch=ppc64le", }, }, }, { category: "product_version", name: "vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", product: { name: "vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", product_id: "vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-gluster@4.30.51-1.el7ev?arch=ppc64le", }, }, }, { category: "product_version", name: "vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", product: { name: "vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", product_id: "vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-checkips@4.30.51-1.el7ev?arch=ppc64le", }, }, }, { category: "product_version", name: "vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", product: { name: "vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", product_id: "vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-extra-ipv4-addrs@4.30.51-1.el7ev?arch=ppc64le", }, }, }, { category: "product_version", name: "vdsm-network-0:4.30.51-1.el7ev.ppc64le", product: { name: "vdsm-network-0:4.30.51-1.el7ev.ppc64le", product_id: "vdsm-network-0:4.30.51-1.el7ev.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-network@4.30.51-1.el7ev?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "vdsm-api-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-api-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-api-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-api@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-client-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-client-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-client-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-client@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-common-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-common-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-common-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-common@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-cpuflags@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-ethtool-options@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-fcoe@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-localdisk@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-macspoof@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-nestedvt@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-openstacknet@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-vhostmd@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-vmfex-dev@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-http-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-http-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-http-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-http@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-jsonrpc@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-python-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-python-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-python-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-python@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-yajsonrpc@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", product: { name: "redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", product_id: "redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/redhat-virtualization-host-image-update-placeholder@4.3.13-2.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", product: { name: "redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", product_id: "redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/redhat-virtualization-host-image-update@4.3.13-20210127.0.el7_9?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "vdsm-0:4.30.51-1.el7ev.ppc64le as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", }, product_reference: "vdsm-0:4.30.51-1.el7ev.ppc64le", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-0:4.30.51-1.el7ev.src as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", }, product_reference: "vdsm-0:4.30.51-1.el7ev.src", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-0:4.30.51-1.el7ev.x86_64 as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", }, product_reference: "vdsm-0:4.30.51-1.el7ev.x86_64", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-api-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-api-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-client-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-client-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-common-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-common-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-gluster-0:4.30.51-1.el7ev.ppc64le as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", }, product_reference: "vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-gluster-0:4.30.51-1.el7ev.x86_64 as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", }, product_reference: "vdsm-gluster-0:4.30.51-1.el7ev.x86_64", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", }, product_reference: "vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64 as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", }, product_reference: "vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", }, product_reference: "vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64 as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", }, product_reference: "vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-http-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-http-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-network-0:4.30.51-1.el7ev.ppc64le as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", }, product_reference: "vdsm-network-0:4.30.51-1.el7ev.ppc64le", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-network-0:4.30.51-1.el7ev.x86_64 as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", }, product_reference: "vdsm-network-0:4.30.51-1.el7ev.x86_64", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-python-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-python-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src as a component of Red Hat Virtualization 4 Hypervisor for RHEL 7", product_id: "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", }, product_reference: "redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", relates_to_product_reference: "7Server-RHEV-4-Hypervisor-7", }, { category: "default_component_of", full_product_name: { name: "redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch as a component of Red Hat Virtualization 4 Hypervisor for RHEL 7", product_id: "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", }, product_reference: "redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", relates_to_product_reference: "7Server-RHEV-4-Hypervisor-7", }, { category: "default_component_of", full_product_name: { name: "redhat-release-virtualization-host-0:4.3.13-2.el7ev.src as a component of RHEL 7-based RHEV-H for RHEV 4 (build requirements)", product_id: "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", }, product_reference: "redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", relates_to_product_reference: "7Server-RHEV-4-HypervisorBuild-7", }, { category: "default_component_of", full_product_name: { name: "redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64 as a component of RHEL 7-based RHEV-H for RHEV 4 (build requirements)", product_id: "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", }, product_reference: "redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", relates_to_product_reference: "7Server-RHEV-4-HypervisorBuild-7", }, { category: "default_component_of", full_product_name: { name: "redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src as a component of RHEL 7-based RHEV-H for RHEV 4 (build requirements)", product_id: "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", }, product_reference: "redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", relates_to_product_reference: "7Server-RHEV-4-HypervisorBuild-7", }, { category: "default_component_of", full_product_name: { name: "redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch as a component of RHEL 7-based RHEV-H for RHEV 4 (build requirements)", product_id: "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", }, product_reference: "redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", relates_to_product_reference: "7Server-RHEV-4-HypervisorBuild-7", }, { category: "default_component_of", full_product_name: { name: "redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch as a component of RHEL 7-based RHEV-H for RHEV 4 (build requirements)", product_id: "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", }, product_reference: "redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-HypervisorBuild-7", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25684", cwe: { id: "CWE-358", name: "Improperly Implemented Security Check for Standard", }, discovery_date: "2020-09-03T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889686", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], known_not_affected: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "RHBZ#1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25684", url: "https://www.cve.org/CVERecord?id=CVE-2020-25684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-03T10:39:04+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0395", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default).\n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25685", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, discovery_date: "2020-09-03T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889688", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], known_not_affected: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "RHBZ#1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25685", url: "https://www.cve.org/CVERecord?id=CVE-2020-25685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-03T10:39:04+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0395", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25686", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, discovery_date: "2020-09-03T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1890125", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], known_not_affected: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "RHBZ#1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25686", url: "https://www.cve.org/CVERecord?id=CVE-2020-25686", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-03T10:39:04+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0395", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", }, { cve: "CVE-2021-3156", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2021-01-19T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1917684", }, ], notes: [ { category: "description", text: "A flaw was found in sudo. A heap-based buffer overflow was found in the way sudo parses command line arguments. This flaw is exploitable by any local user who can execute the sudo command (by default, any local user can execute sudo) without authentication. Successful exploitation of this flaw could lead to privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "sudo: Heap buffer overflow in argument parsing", title: "Vulnerability summary", }, { category: "other", text: "This flaw does not affect the versions of sudo shipped with Red Hat Enterprise Linux 5, because the vulnerable code was not present in these versions.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], known_not_affected: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-3156", }, { category: "external", summary: "RHBZ#1917684", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1917684", }, { category: "external", summary: "RHSB-2021-002", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-002", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-3156", url: "https://www.cve.org/CVERecord?id=CVE-2021-3156", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-3156", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-3156", }, { category: "external", summary: "https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt", url: "https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt", }, { category: "external", summary: "https://www.sudo.ws/alerts/unescape_overflow.html", url: "https://www.sudo.ws/alerts/unescape_overflow.html", }, { category: "external", summary: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, ], release_date: "2021-01-26T18:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-03T10:39:04+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0395", }, { category: "workaround", details: "Red Hat Product Security strongly recommends customers to update to fixed sudo packages once they are available. For customers who cannot update immediately, the following interim partial mitigation using systemtap is suggested:\n\n1. Install required systemtap packages and dependencies: \n```\nsystemtap yum-utils kernel-devel-\"$(uname -r)\"\n```\n\nThen for RHEL 7 install kernel debuginfo, using:\n```\ndebuginfo-install -y kernel-\"$(uname -r)\" \n```\nThen for RHEL 8 & 6 install sudo debuginfo, using:\n```\ndebuginfo-install sudo\n```\n \n2. Create the following systemtap script: (call the file as sudoedit-block.stap)\n```\nprobe process(\"/usr/bin/sudo\").function(\"main\") {\n command = cmdline_args(0,0,\"\");\n if (isinstr(command, \"edit\")) {\n raise(9);\n }\n}\n```\n3. Install the script using the following command: (using root)\n```\n# nohup stap -g sudoedit-block.stap &\n```\n(This should output the PID number of the systemtap script)\n\nThis script will cause the vulnerable sudoedit binary to stop working. The sudo command will still work as usual.\nThe above change does not persist across reboots and must be applied after each reboot.\n\nPlease consult How to make a systemtap kernel module load persistently across reboots? (https://access.redhat.com/solutions/5752521) to learn how to\nturn this into a service managed by initd. \n\n4. Once the new fixed packages are installed, the systemtap script can be removed by killing the systemtap process. For example, by using:\n```\n# kill -s SIGTERM 7590\n```\n(where 7590 is the PID of the systemtap process)", product_ids: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], }, ], threats: [ { category: "exploit_status", date: "2022-04-06T00:00:00+00:00", details: "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { category: "impact", details: "Important", }, ], title: "sudo: Heap buffer overflow in argument parsing", }, ], }
RHSA-2021:0150
Vulnerability from csaf_redhat
Published
2021-01-19 15:06
Modified
2025-03-19 15:39
Summary
Red Hat Security Advisory: dnsmasq security update
Notes
Topic
An update for dnsmasq is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.
Security Fix(es):
* dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled (CVE-2020-25681)
* dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled (CVE-2020-25682)
* dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled (CVE-2020-25683)
* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
* dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled (CVE-2020-25687)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for dnsmasq is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.\n\nSecurity Fix(es):\n\n* dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled (CVE-2020-25681)\n\n* dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled (CVE-2020-25682)\n\n* dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled (CVE-2020-25683)\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\n* dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled (CVE-2020-25687)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0150", url: "https://access.redhat.com/errata/RHSA-2021:0150", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "1881875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1881875", }, { category: "external", summary: "1882014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882014", }, { category: "external", summary: "1882018", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882018", }, { category: "external", summary: "1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "1891568", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891568", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0150.json", }, ], title: "Red Hat Security Advisory: dnsmasq security update", tracking: { current_release_date: "2025-03-19T15:39:27+00:00", generator: { date: "2025-03-19T15:39:27+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2021:0150", initial_release_date: "2021-01-19T15:06:28+00:00", revision_history: [ { date: "2021-01-19T15:06:28+00:00", number: "1", summary: "Initial version", }, { date: "2021-01-19T15:06:28+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-19T15:39:27+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream (v. 8)", product: { name: "Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:8::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-13.el8_3.1.src", product: { name: "dnsmasq-0:2.79-13.el8_3.1.src", product_id: "dnsmasq-0:2.79-13.el8_3.1.src", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-13.el8_3.1?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-13.el8_3.1.aarch64", product: { name: "dnsmasq-0:2.79-13.el8_3.1.aarch64", product_id: "dnsmasq-0:2.79-13.el8_3.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-13.el8_3.1?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", product: { name: "dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", product_id: "dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-13.el8_3.1?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", product: { name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", product_id: "dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-13.el8_3.1?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", product: { name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", product_id: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-13.el8_3.1?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", product: { name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", product_id: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-13.el8_3.1?arch=aarch64", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-13.el8_3.1.ppc64le", product: { name: "dnsmasq-0:2.79-13.el8_3.1.ppc64le", product_id: "dnsmasq-0:2.79-13.el8_3.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-13.el8_3.1?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", product: { name: "dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", product_id: "dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-13.el8_3.1?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", product: { name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", product_id: "dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-13.el8_3.1?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", product: { name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", product_id: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-13.el8_3.1?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", product: { name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", product_id: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-13.el8_3.1?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-13.el8_3.1.x86_64", product: { name: "dnsmasq-0:2.79-13.el8_3.1.x86_64", product_id: "dnsmasq-0:2.79-13.el8_3.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-13.el8_3.1?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", product: { name: "dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", product_id: "dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-13.el8_3.1?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", product: { name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", product_id: "dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-13.el8_3.1?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", product: { name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", product_id: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-13.el8_3.1?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", product: { name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", product_id: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-13.el8_3.1?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-13.el8_3.1.s390x", product: { name: "dnsmasq-0:2.79-13.el8_3.1.s390x", product_id: "dnsmasq-0:2.79-13.el8_3.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-13.el8_3.1?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-13.el8_3.1.s390x", product: { name: "dnsmasq-utils-0:2.79-13.el8_3.1.s390x", product_id: "dnsmasq-utils-0:2.79-13.el8_3.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-13.el8_3.1?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", product: { name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", product_id: "dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-13.el8_3.1?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", product: { name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", product_id: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-13.el8_3.1?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", product: { name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", product_id: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-13.el8_3.1?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-13.el8_3.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", }, product_reference: "dnsmasq-0:2.79-13.el8_3.1.aarch64", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-13.el8_3.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", }, product_reference: "dnsmasq-0:2.79-13.el8_3.1.ppc64le", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-13.el8_3.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", }, product_reference: "dnsmasq-0:2.79-13.el8_3.1.s390x", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-13.el8_3.1.src as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", }, product_reference: "dnsmasq-0:2.79-13.el8_3.1.src", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-13.el8_3.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", }, product_reference: "dnsmasq-0:2.79-13.el8_3.1.x86_64", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", }, product_reference: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", }, product_reference: "dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", }, product_reference: "dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", }, product_reference: "dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", }, product_reference: "dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-13.el8_3.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", }, product_reference: "dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", }, product_reference: "dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-13.el8_3.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", }, product_reference: "dnsmasq-utils-0:2.79-13.el8_3.1.s390x", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-13.el8_3.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", }, product_reference: "dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25681", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1881875", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to cause a buffer overflow with arbitrary data in a heap memory segment, possibly executing code on the machine. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25681", }, { category: "external", summary: "RHBZ#1881875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1881875", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25681", url: "https://www.cve.org/CVERecord?id=CVE-2020-25681", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25681", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25681", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T15:06:28+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0150", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25682", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1882014", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A buffer overflow vulnerability was discovered in the way dnsmasq extract names from DNS packets before validating them with DNSSEC data. An attacker on the network, who can create valid DNS replies, could use this flaw to cause an overflow with arbitrary data in a heap-allocated memory, possibly executing code on the machine. The flaw is in the rfc1035.c:extract_name() function, which writes data to the memory pointed by name assuming MAXDNAME*2 bytes are available in the buffer. However, in some code execution paths, it is possible extract_name() gets passed an offset from the base buffer, thus reducing, in practice, the number of available bytes that can be written in the buffer. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25682", }, { category: "external", summary: "RHBZ#1882014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882014", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25682", url: "https://www.cve.org/CVERecord?id=CVE-2020-25682", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25682", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25682", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T15:06:28+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0150", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25683", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1882018", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in get_rdata() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25683", }, { category: "external", summary: "RHBZ#1882018", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882018", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25683", url: "https://www.cve.org/CVERecord?id=CVE-2020-25683", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25683", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25683", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T15:06:28+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0150", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25684", cwe: { id: "CWE-358", name: "Improperly Implemented Security Check for Standard", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889686", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "RHBZ#1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25684", url: "https://www.cve.org/CVERecord?id=CVE-2020-25684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T15:06:28+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0150", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default).\n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25685", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889688", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "RHBZ#1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25685", url: "https://www.cve.org/CVERecord?id=CVE-2020-25685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T15:06:28+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0150", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25686", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1890125", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "RHBZ#1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25686", url: "https://www.cve.org/CVERecord?id=CVE-2020-25686", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T15:06:28+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0150", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25687", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1891568", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. This flaw allows a remote attacker, who can create valid DNS replies, to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in sort_rrset() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25687", }, { category: "external", summary: "RHBZ#1891568", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891568", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25687", url: "https://www.cve.org/CVERecord?id=CVE-2020-25687", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25687", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25687", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T15:06:28+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0150", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled", }, ], }
RHSA-2021:0153
Vulnerability from csaf_redhat
Published
2021-01-19 18:02
Modified
2024-11-15 07:27
Summary
Red Hat Security Advisory: dnsmasq security update
Notes
Topic
An update for dnsmasq is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.
Security Fix(es):
* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for dnsmasq is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.\n\nSecurity Fix(es):\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0153", url: "https://access.redhat.com/errata/RHSA-2021:0153", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0153.json", }, ], title: "Red Hat Security Advisory: dnsmasq security update", tracking: { current_release_date: "2024-11-15T07:27:56+00:00", generator: { date: "2024-11-15T07:27:56+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0153", initial_release_date: "2021-01-19T18:02:16+00:00", revision_history: [ { date: "2021-01-19T18:02:16+00:00", number: "1", summary: "Initial version", }, { date: "2021-01-19T18:02:16+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T07:27:56+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Client (v. 7)", product: { name: "Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Client Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product: { name: "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server (v. 7)", product: { name: "Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation (v. 7)", product: { name: "Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::workstation", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::workstation", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-16.el7_9.1.src", product: { name: "dnsmasq-0:2.76-16.el7_9.1.src", product_id: "dnsmasq-0:2.76-16.el7_9.1.src", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-16.el7_9.1?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-16.el7_9.1.x86_64", product: { name: "dnsmasq-0:2.76-16.el7_9.1.x86_64", product_id: "dnsmasq-0:2.76-16.el7_9.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-16.el7_9.1?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", product: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", product_id: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-16.el7_9.1?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", product: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", product_id: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-16.el7_9.1?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-16.el7_9.1.ppc64le", product: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64le", product_id: "dnsmasq-0:2.76-16.el7_9.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-16.el7_9.1?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", product: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", product_id: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-16.el7_9.1?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", product: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", product_id: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-16.el7_9.1?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-16.el7_9.1.ppc64", product: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64", product_id: "dnsmasq-0:2.76-16.el7_9.1.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-16.el7_9.1?arch=ppc64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", product: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", product_id: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-16.el7_9.1?arch=ppc64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", product: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", product_id: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-16.el7_9.1?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-16.el7_9.1.s390x", product: { name: "dnsmasq-0:2.76-16.el7_9.1.s390x", product_id: "dnsmasq-0:2.76-16.el7_9.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-16.el7_9.1?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", product: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", product_id: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-16.el7_9.1?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x", product: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x", product_id: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-16.el7_9.1?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.src as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.src", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.src", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.src", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.src as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.src", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.src", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.src as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.src", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.src", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25684", cwe: { id: "CWE-358", name: "Improperly Implemented Security Check for Standard", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889686", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "RHBZ#1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25684", url: "https://www.cve.org/CVERecord?id=CVE-2020-25684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T18:02:16+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0153", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default).\n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25685", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889688", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "RHBZ#1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25685", url: "https://www.cve.org/CVERecord?id=CVE-2020-25685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T18:02:16+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0153", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25686", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1890125", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "RHBZ#1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25686", url: "https://www.cve.org/CVERecord?id=CVE-2020-25686", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T18:02:16+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0153", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", }, ], }
rhsa-2021_0150
Vulnerability from csaf_redhat
Published
2021-01-19 15:06
Modified
2024-11-22 16:15
Summary
Red Hat Security Advisory: dnsmasq security update
Notes
Topic
An update for dnsmasq is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.
Security Fix(es):
* dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled (CVE-2020-25681)
* dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled (CVE-2020-25682)
* dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled (CVE-2020-25683)
* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
* dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled (CVE-2020-25687)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for dnsmasq is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.\n\nSecurity Fix(es):\n\n* dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled (CVE-2020-25681)\n\n* dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled (CVE-2020-25682)\n\n* dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled (CVE-2020-25683)\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\n* dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled (CVE-2020-25687)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0150", url: "https://access.redhat.com/errata/RHSA-2021:0150", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "1881875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1881875", }, { category: "external", summary: "1882014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882014", }, { category: "external", summary: "1882018", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882018", }, { category: "external", summary: "1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "1891568", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891568", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0150.json", }, ], title: "Red Hat Security Advisory: dnsmasq security update", tracking: { current_release_date: "2024-11-22T16:15:17+00:00", generator: { date: "2024-11-22T16:15:17+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0150", initial_release_date: "2021-01-19T15:06:28+00:00", revision_history: [ { date: "2021-01-19T15:06:28+00:00", number: "1", summary: "Initial version", }, { date: "2021-01-19T15:06:28+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T16:15:17+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream (v. 8)", product: { name: "Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:8::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-13.el8_3.1.src", product: { name: "dnsmasq-0:2.79-13.el8_3.1.src", product_id: "dnsmasq-0:2.79-13.el8_3.1.src", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-13.el8_3.1?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-13.el8_3.1.aarch64", product: { name: "dnsmasq-0:2.79-13.el8_3.1.aarch64", product_id: "dnsmasq-0:2.79-13.el8_3.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-13.el8_3.1?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", product: { name: "dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", product_id: "dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-13.el8_3.1?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", product: { name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", product_id: "dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-13.el8_3.1?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", product: { name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", product_id: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-13.el8_3.1?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", product: { name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", product_id: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-13.el8_3.1?arch=aarch64", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-13.el8_3.1.ppc64le", product: { name: "dnsmasq-0:2.79-13.el8_3.1.ppc64le", product_id: "dnsmasq-0:2.79-13.el8_3.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-13.el8_3.1?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", product: { name: "dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", product_id: "dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-13.el8_3.1?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", product: { name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", product_id: "dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-13.el8_3.1?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", product: { name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", product_id: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-13.el8_3.1?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", product: { name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", product_id: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-13.el8_3.1?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-13.el8_3.1.x86_64", product: { name: "dnsmasq-0:2.79-13.el8_3.1.x86_64", product_id: "dnsmasq-0:2.79-13.el8_3.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-13.el8_3.1?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", product: { name: "dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", product_id: "dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-13.el8_3.1?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", product: { name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", product_id: "dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-13.el8_3.1?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", product: { name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", product_id: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-13.el8_3.1?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", product: { name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", product_id: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-13.el8_3.1?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-13.el8_3.1.s390x", product: { name: "dnsmasq-0:2.79-13.el8_3.1.s390x", product_id: "dnsmasq-0:2.79-13.el8_3.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-13.el8_3.1?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-13.el8_3.1.s390x", product: { name: "dnsmasq-utils-0:2.79-13.el8_3.1.s390x", product_id: "dnsmasq-utils-0:2.79-13.el8_3.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-13.el8_3.1?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", product: { name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", product_id: "dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-13.el8_3.1?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", product: { name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", product_id: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-13.el8_3.1?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", product: { name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", product_id: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-13.el8_3.1?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-13.el8_3.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", }, product_reference: "dnsmasq-0:2.79-13.el8_3.1.aarch64", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-13.el8_3.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", }, product_reference: "dnsmasq-0:2.79-13.el8_3.1.ppc64le", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-13.el8_3.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", }, product_reference: "dnsmasq-0:2.79-13.el8_3.1.s390x", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-13.el8_3.1.src as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", }, product_reference: "dnsmasq-0:2.79-13.el8_3.1.src", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-13.el8_3.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", }, product_reference: "dnsmasq-0:2.79-13.el8_3.1.x86_64", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", }, product_reference: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", }, product_reference: "dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", }, product_reference: "dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", }, product_reference: "dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", }, product_reference: "dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-13.el8_3.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", }, product_reference: "dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", }, product_reference: "dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-13.el8_3.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", }, product_reference: "dnsmasq-utils-0:2.79-13.el8_3.1.s390x", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-13.el8_3.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", }, product_reference: "dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", relates_to_product_reference: "AppStream-8.3.0.Z.MAIN", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25681", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1881875", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to cause a buffer overflow with arbitrary data in a heap memory segment, possibly executing code on the machine. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25681", }, { category: "external", summary: "RHBZ#1881875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1881875", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25681", url: "https://www.cve.org/CVERecord?id=CVE-2020-25681", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25681", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25681", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T15:06:28+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0150", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25682", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1882014", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A buffer overflow vulnerability was discovered in the way dnsmasq extract names from DNS packets before validating them with DNSSEC data. An attacker on the network, who can create valid DNS replies, could use this flaw to cause an overflow with arbitrary data in a heap-allocated memory, possibly executing code on the machine. The flaw is in the rfc1035.c:extract_name() function, which writes data to the memory pointed by name assuming MAXDNAME*2 bytes are available in the buffer. However, in some code execution paths, it is possible extract_name() gets passed an offset from the base buffer, thus reducing, in practice, the number of available bytes that can be written in the buffer. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25682", }, { category: "external", summary: "RHBZ#1882014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882014", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25682", url: "https://www.cve.org/CVERecord?id=CVE-2020-25682", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25682", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25682", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T15:06:28+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0150", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25683", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1882018", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in get_rdata() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25683", }, { category: "external", summary: "RHBZ#1882018", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882018", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25683", url: "https://www.cve.org/CVERecord?id=CVE-2020-25683", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25683", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25683", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T15:06:28+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0150", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25684", cwe: { id: "CWE-358", name: "Improperly Implemented Security Check for Standard", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889686", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "RHBZ#1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25684", url: "https://www.cve.org/CVERecord?id=CVE-2020-25684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T15:06:28+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0150", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default).\n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25685", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889688", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "RHBZ#1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25685", url: "https://www.cve.org/CVERecord?id=CVE-2020-25685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T15:06:28+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0150", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25686", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1890125", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "RHBZ#1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25686", url: "https://www.cve.org/CVERecord?id=CVE-2020-25686", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T15:06:28+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0150", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25687", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1891568", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. This flaw allows a remote attacker, who can create valid DNS replies, to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in sort_rrset() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25687", }, { category: "external", summary: "RHBZ#1891568", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891568", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25687", url: "https://www.cve.org/CVERecord?id=CVE-2020-25687", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25687", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25687", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T15:06:28+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0150", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.src", "AppStream-8.3.0.Z.MAIN:dnsmasq-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debuginfo-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-debugsource-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-0:2.79-13.el8_3.1.x86_64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.aarch64", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.ppc64le", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.s390x", "AppStream-8.3.0.Z.MAIN:dnsmasq-utils-debuginfo-0:2.79-13.el8_3.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled", }, ], }
RHSA-2021:0154
Vulnerability from csaf_redhat
Published
2021-01-19 14:11
Modified
2024-11-15 07:27
Summary
Red Hat Security Advisory: dnsmasq security update
Notes
Topic
An update for dnsmasq is now available for Red Hat Enterprise Linux 7.7 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.
Security Fix(es):
* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for dnsmasq is now available for Red Hat Enterprise Linux 7.7 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.\n\nSecurity Fix(es):\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0154", url: "https://access.redhat.com/errata/RHSA-2021:0154", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0154.json", }, ], title: "Red Hat Security Advisory: dnsmasq security update", tracking: { current_release_date: "2024-11-15T07:27:27+00:00", generator: { date: "2024-11-15T07:27:27+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0154", initial_release_date: "2021-01-19T14:11:04+00:00", revision_history: [ { date: "2021-01-19T14:11:04+00:00", number: "1", summary: "Initial version", }, { date: "2021-01-19T14:11:04+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T07:27:27+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product: { name: "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product: { name: "Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server EUS (v. 7.7)", product: { name: "Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product: { name: "Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.7::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-10.el7_7.2.src", product: { name: "dnsmasq-0:2.76-10.el7_7.2.src", product_id: "dnsmasq-0:2.76-10.el7_7.2.src", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-10.el7_7.2?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-10.el7_7.2.x86_64", product: { name: "dnsmasq-0:2.76-10.el7_7.2.x86_64", product_id: "dnsmasq-0:2.76-10.el7_7.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-10.el7_7.2?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", product: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", product_id: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-10.el7_7.2?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", product: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", product_id: "dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-10.el7_7.2?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-10.el7_7.2.ppc64le", product: { name: "dnsmasq-0:2.76-10.el7_7.2.ppc64le", product_id: "dnsmasq-0:2.76-10.el7_7.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-10.el7_7.2?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", product: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", product_id: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-10.el7_7.2?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", product: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", product_id: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-10.el7_7.2?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-10.el7_7.2.ppc64", product: { name: "dnsmasq-0:2.76-10.el7_7.2.ppc64", product_id: "dnsmasq-0:2.76-10.el7_7.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-10.el7_7.2?arch=ppc64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", product: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", product_id: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-10.el7_7.2?arch=ppc64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", product: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", product_id: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-10.el7_7.2?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-10.el7_7.2.s390x", product: { name: "dnsmasq-0:2.76-10.el7_7.2.s390x", product_id: "dnsmasq-0:2.76-10.el7_7.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-10.el7_7.2?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", product: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", product_id: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-10.el7_7.2?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.76-10.el7_7.2.s390x", product: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.s390x", product_id: "dnsmasq-utils-0:2.76-10.el7_7.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-10.el7_7.2?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.src as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.src", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.src as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.src", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.src as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.src", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.src as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.src", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25684", cwe: { id: "CWE-358", name: "Improperly Implemented Security Check for Standard", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889686", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "RHBZ#1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25684", url: "https://www.cve.org/CVERecord?id=CVE-2020-25684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T14:11:04+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0154", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default).\n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25685", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889688", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "RHBZ#1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25685", url: "https://www.cve.org/CVERecord?id=CVE-2020-25685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T14:11:04+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0154", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25686", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1890125", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "RHBZ#1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25686", url: "https://www.cve.org/CVERecord?id=CVE-2020-25686", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T14:11:04+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0154", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", }, ], }
rhsa-2021_0156
Vulnerability from csaf_redhat
Published
2021-01-19 13:40
Modified
2024-11-15 07:27
Summary
Red Hat Security Advisory: dnsmasq security update
Notes
Topic
An update for dnsmasq is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.
Security Fix(es):
* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for dnsmasq is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.\n\nSecurity Fix(es):\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0156", url: "https://access.redhat.com/errata/RHSA-2021:0156", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0156.json", }, ], title: "Red Hat Security Advisory: dnsmasq security update", tracking: { current_release_date: "2024-11-15T07:27:34+00:00", generator: { date: "2024-11-15T07:27:34+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0156", initial_release_date: "2021-01-19T13:40:12+00:00", revision_history: [ { date: "2021-01-19T13:40:12+00:00", number: "1", summary: "Initial version", }, { date: "2021-01-19T13:40:12+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T07:27:34+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Server AUS (v. 7.4)", product: { name: "Red Hat Enterprise Linux Server AUS (v. 7.4)", product_id: "7Server-7.4.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_aus:7.4::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional AUS (v. 7.4)", product: { name: "Red Hat Enterprise Linux Server Optional AUS (v. 7.4)", product_id: "7Server-optional-7.4.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_aus:7.4::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server E4S (v. 7.4)", product: { name: "Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_e4s:7.4::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", product: { name: "Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", product_id: "7Server-optional-7.4.E4S", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_e4s:7.4::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server TUS (v. 7.4)", product: { name: "Red Hat Enterprise Linux Server TUS (v. 7.4)", product_id: "7Server-7.4.TUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_tus:7.4::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional TUS (v. 7.4)", product: { name: "Red Hat Enterprise Linux Server Optional TUS (v. 7.4)", product_id: "7Server-optional-7.4.TUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_tus:7.4::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-2.el7_4.3.src", product: { name: "dnsmasq-0:2.76-2.el7_4.3.src", product_id: "dnsmasq-0:2.76-2.el7_4.3.src", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-2.el7_4.3?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-2.el7_4.3.x86_64", product: { name: "dnsmasq-0:2.76-2.el7_4.3.x86_64", product_id: "dnsmasq-0:2.76-2.el7_4.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-2.el7_4.3?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", product: { name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", product_id: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-2.el7_4.3?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", product: { name: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", product_id: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-2.el7_4.3?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-2.el7_4.3.ppc64le", product: { name: "dnsmasq-0:2.76-2.el7_4.3.ppc64le", product_id: "dnsmasq-0:2.76-2.el7_4.3.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-2.el7_4.3?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", product: { name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", product_id: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-2.el7_4.3?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", product: { name: "dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", product_id: "dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-2.el7_4.3?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)", product_id: "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.src", relates_to_product_reference: "7Server-7.4.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)", product_id: "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-7.4.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)", product_id: "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-7.4.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)", product_id: "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-7.4.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.ppc64le", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.src as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.src", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.src as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)", product_id: "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.src", relates_to_product_reference: "7Server-7.4.TUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)", product_id: "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-7.4.TUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)", product_id: "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-7.4.TUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)", product_id: "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-7.4.TUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.src as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.4)", product_id: "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.src", relates_to_product_reference: "7Server-optional-7.4.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.4)", product_id: "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-optional-7.4.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.4)", product_id: "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-optional-7.4.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.4)", product_id: "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-optional-7.4.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.ppc64le as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", product_id: "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.ppc64le", relates_to_product_reference: "7Server-optional-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.src as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", product_id: "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.src", relates_to_product_reference: "7Server-optional-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", product_id: "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-optional-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", product_id: "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", relates_to_product_reference: "7Server-optional-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", product_id: "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-optional-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", product_id: "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", relates_to_product_reference: "7Server-optional-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", product_id: "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-optional-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.src as a component of Red Hat Enterprise Linux Server Optional TUS (v. 7.4)", product_id: "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.src", relates_to_product_reference: "7Server-optional-7.4.TUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional TUS (v. 7.4)", product_id: "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-optional-7.4.TUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional TUS (v. 7.4)", product_id: "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-optional-7.4.TUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional TUS (v. 7.4)", product_id: "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-optional-7.4.TUS", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25684", cwe: { id: "CWE-358", name: "Improperly Implemented Security Check for Standard", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889686", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "RHBZ#1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25684", url: "https://www.cve.org/CVERecord?id=CVE-2020-25684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:40:12+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0156", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default).\n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25685", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889688", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "RHBZ#1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25685", url: "https://www.cve.org/CVERecord?id=CVE-2020-25685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:40:12+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0156", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25686", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1890125", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "RHBZ#1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25686", url: "https://www.cve.org/CVERecord?id=CVE-2020-25686", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:40:12+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0156", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", }, ], }
RHSA-2021:0240
Vulnerability from csaf_redhat
Published
2021-01-25 14:29
Modified
2024-11-15 07:29
Summary
Red Hat Security Advisory: dnsmasq security update
Notes
Topic
An update for dnsmasq is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.
Security Fix(es):
* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for dnsmasq is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.\n\nSecurity Fix(es):\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0240", url: "https://access.redhat.com/errata/RHSA-2021:0240", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0240.json", }, ], title: "Red Hat Security Advisory: dnsmasq security update", tracking: { current_release_date: "2024-11-15T07:29:04+00:00", generator: { date: "2024-11-15T07:29:04+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0240", initial_release_date: "2021-01-25T14:29:59+00:00", revision_history: [ { date: "2021-01-25T14:29:59+00:00", number: "1", summary: "Initial version", }, { date: "2021-01-25T14:29:59+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T07:29:04+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Server AUS (v. 7.2)", product: { name: "Red Hat Enterprise Linux Server AUS (v. 7.2)", product_id: "7Server-7.2.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_aus:7.2::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional AUS (v. 7.2)", product: { name: "Red Hat Enterprise Linux Server Optional AUS (v. 7.2)", product_id: "7Server-optional-7.2.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_aus:7.2::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.66-14.el7_2.3.src", product: { name: "dnsmasq-0:2.66-14.el7_2.3.src", product_id: "dnsmasq-0:2.66-14.el7_2.3.src", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.66-14.el7_2.3?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.66-14.el7_2.3.x86_64", product: { name: "dnsmasq-0:2.66-14.el7_2.3.x86_64", product_id: "dnsmasq-0:2.66-14.el7_2.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.66-14.el7_2.3?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", product: { name: "dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", product_id: "dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.66-14.el7_2.3?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", product: { name: "dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", product_id: "dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.66-14.el7_2.3?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.66-14.el7_2.3.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)", product_id: "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", }, product_reference: "dnsmasq-0:2.66-14.el7_2.3.src", relates_to_product_reference: "7Server-7.2.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.66-14.el7_2.3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)", product_id: "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", }, product_reference: "dnsmasq-0:2.66-14.el7_2.3.x86_64", relates_to_product_reference: "7Server-7.2.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)", product_id: "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", relates_to_product_reference: "7Server-7.2.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.66-14.el7_2.3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)", product_id: "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", }, product_reference: "dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", relates_to_product_reference: "7Server-7.2.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.66-14.el7_2.3.src as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.2)", product_id: "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", }, product_reference: "dnsmasq-0:2.66-14.el7_2.3.src", relates_to_product_reference: "7Server-optional-7.2.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.66-14.el7_2.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.2)", product_id: "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", }, product_reference: "dnsmasq-0:2.66-14.el7_2.3.x86_64", relates_to_product_reference: "7Server-optional-7.2.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.2)", product_id: "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", relates_to_product_reference: "7Server-optional-7.2.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.66-14.el7_2.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.2)", product_id: "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", }, product_reference: "dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", relates_to_product_reference: "7Server-optional-7.2.AUS", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25684", cwe: { id: "CWE-358", name: "Improperly Implemented Security Check for Standard", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889686", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "RHBZ#1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25684", url: "https://www.cve.org/CVERecord?id=CVE-2020-25684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-25T14:29:59+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0240", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default).\n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25685", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889688", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "RHBZ#1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25685", url: "https://www.cve.org/CVERecord?id=CVE-2020-25685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-25T14:29:59+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0240", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25686", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1890125", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "RHBZ#1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25686", url: "https://www.cve.org/CVERecord?id=CVE-2020-25686", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-25T14:29:59+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0240", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", }, ], }
RHSA-2021:0152
Vulnerability from csaf_redhat
Published
2021-01-19 13:11
Modified
2024-11-22 16:15
Summary
Red Hat Security Advisory: dnsmasq security update
Notes
Topic
An update for dnsmasq is now available for Red Hat Enterprise Linux 8.1 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.
Security Fix(es):
* dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled (CVE-2020-25681)
* dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled (CVE-2020-25682)
* dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled (CVE-2020-25683)
* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
* dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled (CVE-2020-25687)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for dnsmasq is now available for Red Hat Enterprise Linux 8.1 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.\n\nSecurity Fix(es):\n\n* dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled (CVE-2020-25681)\n\n* dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled (CVE-2020-25682)\n\n* dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled (CVE-2020-25683)\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\n* dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled (CVE-2020-25687)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0152", url: "https://access.redhat.com/errata/RHSA-2021:0152", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "1881875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1881875", }, { category: "external", summary: "1882014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882014", }, { category: "external", summary: "1882018", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882018", }, { category: "external", summary: "1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "1891568", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891568", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0152.json", }, ], title: "Red Hat Security Advisory: dnsmasq security update", tracking: { current_release_date: "2024-11-22T16:15:10+00:00", generator: { date: "2024-11-22T16:15:10+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0152", initial_release_date: "2021-01-19T13:11:33+00:00", revision_history: [ { date: "2021-01-19T13:11:33+00:00", number: "1", summary: "Initial version", }, { date: "2021-01-19T13:11:33+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T16:15:10+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product: { name: "Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_eus:8.1::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-6.el8_1.1.src", product: { name: "dnsmasq-0:2.79-6.el8_1.1.src", product_id: "dnsmasq-0:2.79-6.el8_1.1.src", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-6.el8_1.1?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-6.el8_1.1.aarch64", product: { name: "dnsmasq-0:2.79-6.el8_1.1.aarch64", product_id: "dnsmasq-0:2.79-6.el8_1.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-6.el8_1.1?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", product: { name: "dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", product_id: "dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-6.el8_1.1?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", product: { name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", product_id: "dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-6.el8_1.1?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", product: { name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", product_id: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-6.el8_1.1?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", product: { name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", product_id: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-6.el8_1.1?arch=aarch64", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-6.el8_1.1.ppc64le", product: { name: "dnsmasq-0:2.79-6.el8_1.1.ppc64le", product_id: "dnsmasq-0:2.79-6.el8_1.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-6.el8_1.1?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", product: { name: "dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", product_id: "dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-6.el8_1.1?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", product: { name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", product_id: "dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-6.el8_1.1?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", product: { name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", product_id: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-6.el8_1.1?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", product: { name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", product_id: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-6.el8_1.1?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-6.el8_1.1.x86_64", product: { name: "dnsmasq-0:2.79-6.el8_1.1.x86_64", product_id: "dnsmasq-0:2.79-6.el8_1.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-6.el8_1.1?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", product: { name: "dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", product_id: "dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-6.el8_1.1?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", product: { name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", product_id: "dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-6.el8_1.1?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", product: { name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", product_id: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-6.el8_1.1?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", product: { name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", product_id: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-6.el8_1.1?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-6.el8_1.1.s390x", product: { name: "dnsmasq-0:2.79-6.el8_1.1.s390x", product_id: "dnsmasq-0:2.79-6.el8_1.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-6.el8_1.1?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-6.el8_1.1.s390x", product: { name: "dnsmasq-utils-0:2.79-6.el8_1.1.s390x", product_id: "dnsmasq-utils-0:2.79-6.el8_1.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-6.el8_1.1?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", product: { name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", product_id: "dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-6.el8_1.1?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", product: { name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", product_id: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-6.el8_1.1?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", product: { name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", product_id: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-6.el8_1.1?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-6.el8_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", }, product_reference: "dnsmasq-0:2.79-6.el8_1.1.aarch64", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-6.el8_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", }, product_reference: "dnsmasq-0:2.79-6.el8_1.1.ppc64le", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-6.el8_1.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", }, product_reference: "dnsmasq-0:2.79-6.el8_1.1.s390x", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-6.el8_1.1.src as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", }, product_reference: "dnsmasq-0:2.79-6.el8_1.1.src", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-6.el8_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", }, product_reference: "dnsmasq-0:2.79-6.el8_1.1.x86_64", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", }, product_reference: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", }, product_reference: "dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", }, product_reference: "dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", }, product_reference: "dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", }, product_reference: "dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-6.el8_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", }, product_reference: "dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", }, product_reference: "dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-6.el8_1.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", }, product_reference: "dnsmasq-utils-0:2.79-6.el8_1.1.s390x", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-6.el8_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", }, product_reference: "dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25681", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1881875", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to cause a buffer overflow with arbitrary data in a heap memory segment, possibly executing code on the machine. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25681", }, { category: "external", summary: "RHBZ#1881875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1881875", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25681", url: "https://www.cve.org/CVERecord?id=CVE-2020-25681", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25681", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25681", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:11:33+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0152", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25682", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1882014", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A buffer overflow vulnerability was discovered in the way dnsmasq extract names from DNS packets before validating them with DNSSEC data. An attacker on the network, who can create valid DNS replies, could use this flaw to cause an overflow with arbitrary data in a heap-allocated memory, possibly executing code on the machine. The flaw is in the rfc1035.c:extract_name() function, which writes data to the memory pointed by name assuming MAXDNAME*2 bytes are available in the buffer. However, in some code execution paths, it is possible extract_name() gets passed an offset from the base buffer, thus reducing, in practice, the number of available bytes that can be written in the buffer. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25682", }, { category: "external", summary: "RHBZ#1882014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882014", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25682", url: "https://www.cve.org/CVERecord?id=CVE-2020-25682", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25682", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25682", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:11:33+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0152", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25683", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1882018", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in get_rdata() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25683", }, { category: "external", summary: "RHBZ#1882018", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882018", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25683", url: "https://www.cve.org/CVERecord?id=CVE-2020-25683", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25683", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25683", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:11:33+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0152", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25684", cwe: { id: "CWE-358", name: "Improperly Implemented Security Check for Standard", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889686", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "RHBZ#1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25684", url: "https://www.cve.org/CVERecord?id=CVE-2020-25684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:11:33+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0152", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default).\n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25685", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889688", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "RHBZ#1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25685", url: "https://www.cve.org/CVERecord?id=CVE-2020-25685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:11:33+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0152", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25686", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1890125", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "RHBZ#1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25686", url: "https://www.cve.org/CVERecord?id=CVE-2020-25686", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:11:33+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0152", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25687", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1891568", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. This flaw allows a remote attacker, who can create valid DNS replies, to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in sort_rrset() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25687", }, { category: "external", summary: "RHBZ#1891568", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891568", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25687", url: "https://www.cve.org/CVERecord?id=CVE-2020-25687", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25687", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25687", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:11:33+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0152", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled", }, ], }
rhsa-2021:0153
Vulnerability from csaf_redhat
Published
2021-01-19 18:02
Modified
2024-11-15 07:27
Summary
Red Hat Security Advisory: dnsmasq security update
Notes
Topic
An update for dnsmasq is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.
Security Fix(es):
* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for dnsmasq is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.\n\nSecurity Fix(es):\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0153", url: "https://access.redhat.com/errata/RHSA-2021:0153", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0153.json", }, ], title: "Red Hat Security Advisory: dnsmasq security update", tracking: { current_release_date: "2024-11-15T07:27:56+00:00", generator: { date: "2024-11-15T07:27:56+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0153", initial_release_date: "2021-01-19T18:02:16+00:00", revision_history: [ { date: "2021-01-19T18:02:16+00:00", number: "1", summary: "Initial version", }, { date: "2021-01-19T18:02:16+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T07:27:56+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Client (v. 7)", product: { name: "Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Client Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product: { name: "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server (v. 7)", product: { name: "Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation (v. 7)", product: { name: "Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::workstation", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::workstation", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-16.el7_9.1.src", product: { name: "dnsmasq-0:2.76-16.el7_9.1.src", product_id: "dnsmasq-0:2.76-16.el7_9.1.src", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-16.el7_9.1?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-16.el7_9.1.x86_64", product: { name: "dnsmasq-0:2.76-16.el7_9.1.x86_64", product_id: "dnsmasq-0:2.76-16.el7_9.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-16.el7_9.1?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", product: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", product_id: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-16.el7_9.1?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", product: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", product_id: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-16.el7_9.1?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-16.el7_9.1.ppc64le", product: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64le", product_id: "dnsmasq-0:2.76-16.el7_9.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-16.el7_9.1?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", product: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", product_id: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-16.el7_9.1?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", product: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", product_id: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-16.el7_9.1?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-16.el7_9.1.ppc64", product: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64", product_id: "dnsmasq-0:2.76-16.el7_9.1.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-16.el7_9.1?arch=ppc64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", product: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", product_id: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-16.el7_9.1?arch=ppc64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", product: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", product_id: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-16.el7_9.1?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-16.el7_9.1.s390x", product: { name: "dnsmasq-0:2.76-16.el7_9.1.s390x", product_id: "dnsmasq-0:2.76-16.el7_9.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-16.el7_9.1?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", product: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", product_id: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-16.el7_9.1?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x", product: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x", product_id: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-16.el7_9.1?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.src as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.src", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.src", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.src", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.src as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.src", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.src", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.src as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.src", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.src", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25684", cwe: { id: "CWE-358", name: "Improperly Implemented Security Check for Standard", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889686", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "RHBZ#1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25684", url: "https://www.cve.org/CVERecord?id=CVE-2020-25684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T18:02:16+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0153", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default).\n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25685", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889688", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "RHBZ#1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25685", url: "https://www.cve.org/CVERecord?id=CVE-2020-25685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T18:02:16+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0153", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25686", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1890125", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "RHBZ#1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25686", url: "https://www.cve.org/CVERecord?id=CVE-2020-25686", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T18:02:16+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0153", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", }, ], }
RHSA-2021:0155
Vulnerability from csaf_redhat
Published
2021-01-19 17:41
Modified
2024-11-15 07:28
Summary
Red Hat Security Advisory: dnsmasq security update
Notes
Topic
An update for dnsmasq is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.
Security Fix(es):
* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for dnsmasq is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.\n\nSecurity Fix(es):\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0155", url: "https://access.redhat.com/errata/RHSA-2021:0155", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0155.json", }, ], title: "Red Hat Security Advisory: dnsmasq security update", tracking: { current_release_date: "2024-11-15T07:28:04+00:00", generator: { date: "2024-11-15T07:28:04+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0155", initial_release_date: "2021-01-19T17:41:47+00:00", revision_history: [ { date: "2021-01-19T17:41:47+00:00", number: "1", summary: "Initial version", }, { date: "2021-01-19T17:41:47+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T07:28:04+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product: { name: "Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product: { name: "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server EUS (v. 7.6)", product: { name: "Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product: { name: "Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product: { name: "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product: { name: "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", product: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", product_id: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-7.el7_6.2?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", product: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", product_id: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-7.el7_6.2?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-0:2.76-7.el7_6.2.x86_64", product: { name: "dnsmasq-0:2.76-7.el7_6.2.x86_64", product_id: "dnsmasq-0:2.76-7.el7_6.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-7.el7_6.2?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", product: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", product_id: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-7.el7_6.2?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", product: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", product_id: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-7.el7_6.2?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-0:2.76-7.el7_6.2.ppc64le", product: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64le", product_id: "dnsmasq-0:2.76-7.el7_6.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-7.el7_6.2?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", product: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", product_id: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-7.el7_6.2?arch=ppc64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", product: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", product_id: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-7.el7_6.2?arch=ppc64", }, }, }, { category: "product_version", name: "dnsmasq-0:2.76-7.el7_6.2.ppc64", product: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64", product_id: "dnsmasq-0:2.76-7.el7_6.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-7.el7_6.2?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x", product: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x", product_id: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-7.el7_6.2?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", product: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", product_id: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-7.el7_6.2?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-0:2.76-7.el7_6.2.s390x", product: { name: "dnsmasq-0:2.76-7.el7_6.2.s390x", product_id: "dnsmasq-0:2.76-7.el7_6.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-7.el7_6.2?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-7.el7_6.2.src", product: { name: "dnsmasq-0:2.76-7.el7_6.2.src", product_id: "dnsmasq-0:2.76-7.el7_6.2.src", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-7.el7_6.2?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.src as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.src", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.src as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.src", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.src as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.src", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.src", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.src as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.src", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.src", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25684", cwe: { id: "CWE-358", name: "Improperly Implemented Security Check for Standard", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889686", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "RHBZ#1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25684", url: "https://www.cve.org/CVERecord?id=CVE-2020-25684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T17:41:47+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0155", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default).\n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25685", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889688", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "RHBZ#1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25685", url: "https://www.cve.org/CVERecord?id=CVE-2020-25685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T17:41:47+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0155", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25686", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1890125", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "RHBZ#1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25686", url: "https://www.cve.org/CVERecord?id=CVE-2020-25686", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T17:41:47+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0155", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", }, ], }
rhsa-2021:0240
Vulnerability from csaf_redhat
Published
2021-01-25 14:29
Modified
2024-11-15 07:29
Summary
Red Hat Security Advisory: dnsmasq security update
Notes
Topic
An update for dnsmasq is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.
Security Fix(es):
* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for dnsmasq is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.\n\nSecurity Fix(es):\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0240", url: "https://access.redhat.com/errata/RHSA-2021:0240", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0240.json", }, ], title: "Red Hat Security Advisory: dnsmasq security update", tracking: { current_release_date: "2024-11-15T07:29:04+00:00", generator: { date: "2024-11-15T07:29:04+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0240", initial_release_date: "2021-01-25T14:29:59+00:00", revision_history: [ { date: "2021-01-25T14:29:59+00:00", number: "1", summary: "Initial version", }, { date: "2021-01-25T14:29:59+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T07:29:04+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Server AUS (v. 7.2)", product: { name: "Red Hat Enterprise Linux Server AUS (v. 7.2)", product_id: "7Server-7.2.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_aus:7.2::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional AUS (v. 7.2)", product: { name: "Red Hat Enterprise Linux Server Optional AUS (v. 7.2)", product_id: "7Server-optional-7.2.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_aus:7.2::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.66-14.el7_2.3.src", product: { name: "dnsmasq-0:2.66-14.el7_2.3.src", product_id: "dnsmasq-0:2.66-14.el7_2.3.src", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.66-14.el7_2.3?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.66-14.el7_2.3.x86_64", product: { name: "dnsmasq-0:2.66-14.el7_2.3.x86_64", product_id: "dnsmasq-0:2.66-14.el7_2.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.66-14.el7_2.3?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", product: { name: "dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", product_id: "dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.66-14.el7_2.3?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", product: { name: "dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", product_id: "dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.66-14.el7_2.3?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.66-14.el7_2.3.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)", product_id: "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", }, product_reference: "dnsmasq-0:2.66-14.el7_2.3.src", relates_to_product_reference: "7Server-7.2.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.66-14.el7_2.3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)", product_id: "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", }, product_reference: "dnsmasq-0:2.66-14.el7_2.3.x86_64", relates_to_product_reference: "7Server-7.2.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)", product_id: "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", relates_to_product_reference: "7Server-7.2.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.66-14.el7_2.3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)", product_id: "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", }, product_reference: "dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", relates_to_product_reference: "7Server-7.2.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.66-14.el7_2.3.src as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.2)", product_id: "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", }, product_reference: "dnsmasq-0:2.66-14.el7_2.3.src", relates_to_product_reference: "7Server-optional-7.2.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.66-14.el7_2.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.2)", product_id: "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", }, product_reference: "dnsmasq-0:2.66-14.el7_2.3.x86_64", relates_to_product_reference: "7Server-optional-7.2.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.2)", product_id: "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", relates_to_product_reference: "7Server-optional-7.2.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.66-14.el7_2.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.2)", product_id: "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", }, product_reference: "dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", relates_to_product_reference: "7Server-optional-7.2.AUS", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25684", cwe: { id: "CWE-358", name: "Improperly Implemented Security Check for Standard", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889686", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "RHBZ#1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25684", url: "https://www.cve.org/CVERecord?id=CVE-2020-25684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-25T14:29:59+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0240", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default).\n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25685", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889688", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "RHBZ#1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25685", url: "https://www.cve.org/CVERecord?id=CVE-2020-25685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-25T14:29:59+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0240", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25686", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1890125", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "RHBZ#1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25686", url: "https://www.cve.org/CVERecord?id=CVE-2020-25686", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-25T14:29:59+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0240", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", }, ], }
RHSA-2021:0245
Vulnerability from csaf_redhat
Published
2021-01-25 15:13
Modified
2024-11-15 07:28
Summary
Red Hat Security Advisory: dnsmasq security update
Notes
Topic
An update for dnsmasq is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.
Security Fix(es):
* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for dnsmasq is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.\n\nSecurity Fix(es):\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0245", url: "https://access.redhat.com/errata/RHSA-2021:0245", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0245.json", }, ], title: "Red Hat Security Advisory: dnsmasq security update", tracking: { current_release_date: "2024-11-15T07:28:57+00:00", generator: { date: "2024-11-15T07:28:57+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0245", initial_release_date: "2021-01-25T15:13:22+00:00", revision_history: [ { date: "2021-01-25T15:13:22+00:00", number: "1", summary: "Initial version", }, { date: "2021-01-25T15:13:22+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T07:28:57+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Server AUS (v. 7.3)", product: { name: "Red Hat Enterprise Linux Server AUS (v. 7.3)", product_id: "7Server-7.3.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_aus:7.3::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional AUS (v. 7.3)", product: { name: "Red Hat Enterprise Linux Server Optional AUS (v. 7.3)", product_id: "7Server-optional-7.3.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_aus:7.3::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.66-21.el7_3.3.src", product: { name: "dnsmasq-0:2.66-21.el7_3.3.src", product_id: "dnsmasq-0:2.66-21.el7_3.3.src", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.66-21.el7_3.3?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.66-21.el7_3.3.x86_64", product: { name: "dnsmasq-0:2.66-21.el7_3.3.x86_64", product_id: "dnsmasq-0:2.66-21.el7_3.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.66-21.el7_3.3?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", product: { name: "dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", product_id: "dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.66-21.el7_3.3?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", product: { name: "dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", product_id: "dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.66-21.el7_3.3?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.66-21.el7_3.3.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)", product_id: "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", }, product_reference: "dnsmasq-0:2.66-21.el7_3.3.src", relates_to_product_reference: "7Server-7.3.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.66-21.el7_3.3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)", product_id: "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", }, product_reference: "dnsmasq-0:2.66-21.el7_3.3.x86_64", relates_to_product_reference: "7Server-7.3.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)", product_id: "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", relates_to_product_reference: "7Server-7.3.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.66-21.el7_3.3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)", product_id: "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", }, product_reference: "dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", relates_to_product_reference: "7Server-7.3.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.66-21.el7_3.3.src as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)", product_id: "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", }, product_reference: "dnsmasq-0:2.66-21.el7_3.3.src", relates_to_product_reference: "7Server-optional-7.3.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.66-21.el7_3.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)", product_id: "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", }, product_reference: "dnsmasq-0:2.66-21.el7_3.3.x86_64", relates_to_product_reference: "7Server-optional-7.3.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)", product_id: "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", relates_to_product_reference: "7Server-optional-7.3.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.66-21.el7_3.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)", product_id: "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", }, product_reference: "dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", relates_to_product_reference: "7Server-optional-7.3.AUS", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25684", cwe: { id: "CWE-358", name: "Improperly Implemented Security Check for Standard", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889686", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "RHBZ#1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25684", url: "https://www.cve.org/CVERecord?id=CVE-2020-25684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-25T15:13:22+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0245", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default).\n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25685", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889688", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "RHBZ#1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25685", url: "https://www.cve.org/CVERecord?id=CVE-2020-25685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-25T15:13:22+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0245", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25686", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1890125", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "RHBZ#1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25686", url: "https://www.cve.org/CVERecord?id=CVE-2020-25686", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-25T15:13:22+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0245", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", }, ], }
rhsa-2021:0155
Vulnerability from csaf_redhat
Published
2021-01-19 17:41
Modified
2024-11-15 07:28
Summary
Red Hat Security Advisory: dnsmasq security update
Notes
Topic
An update for dnsmasq is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.
Security Fix(es):
* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for dnsmasq is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.\n\nSecurity Fix(es):\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0155", url: "https://access.redhat.com/errata/RHSA-2021:0155", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0155.json", }, ], title: "Red Hat Security Advisory: dnsmasq security update", tracking: { current_release_date: "2024-11-15T07:28:04+00:00", generator: { date: "2024-11-15T07:28:04+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0155", initial_release_date: "2021-01-19T17:41:47+00:00", revision_history: [ { date: "2021-01-19T17:41:47+00:00", number: "1", summary: "Initial version", }, { date: "2021-01-19T17:41:47+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T07:28:04+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product: { name: "Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product: { name: "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server EUS (v. 7.6)", product: { name: "Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product: { name: "Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product: { name: "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product: { name: "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", product: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", product_id: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-7.el7_6.2?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", product: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", product_id: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-7.el7_6.2?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-0:2.76-7.el7_6.2.x86_64", product: { name: "dnsmasq-0:2.76-7.el7_6.2.x86_64", product_id: "dnsmasq-0:2.76-7.el7_6.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-7.el7_6.2?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", product: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", product_id: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-7.el7_6.2?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", product: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", product_id: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-7.el7_6.2?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-0:2.76-7.el7_6.2.ppc64le", product: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64le", product_id: "dnsmasq-0:2.76-7.el7_6.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-7.el7_6.2?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", product: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", product_id: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-7.el7_6.2?arch=ppc64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", product: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", product_id: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-7.el7_6.2?arch=ppc64", }, }, }, { category: "product_version", name: "dnsmasq-0:2.76-7.el7_6.2.ppc64", product: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64", product_id: "dnsmasq-0:2.76-7.el7_6.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-7.el7_6.2?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x", product: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x", product_id: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-7.el7_6.2?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", product: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", product_id: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-7.el7_6.2?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-0:2.76-7.el7_6.2.s390x", product: { name: "dnsmasq-0:2.76-7.el7_6.2.s390x", product_id: "dnsmasq-0:2.76-7.el7_6.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-7.el7_6.2?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-7.el7_6.2.src", product: { name: "dnsmasq-0:2.76-7.el7_6.2.src", product_id: "dnsmasq-0:2.76-7.el7_6.2.src", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-7.el7_6.2?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.src as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.src", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.src as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.src", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.src as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.src", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.src", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.src as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.src", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.src", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25684", cwe: { id: "CWE-358", name: "Improperly Implemented Security Check for Standard", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889686", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "RHBZ#1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25684", url: "https://www.cve.org/CVERecord?id=CVE-2020-25684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T17:41:47+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0155", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default).\n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25685", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889688", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "RHBZ#1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25685", url: "https://www.cve.org/CVERecord?id=CVE-2020-25685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T17:41:47+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0155", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25686", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1890125", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "RHBZ#1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25686", url: "https://www.cve.org/CVERecord?id=CVE-2020-25686", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T17:41:47+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0155", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", }, ], }
RHSA-2021:0156
Vulnerability from csaf_redhat
Published
2021-01-19 13:40
Modified
2024-11-15 07:27
Summary
Red Hat Security Advisory: dnsmasq security update
Notes
Topic
An update for dnsmasq is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.
Security Fix(es):
* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for dnsmasq is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.\n\nSecurity Fix(es):\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0156", url: "https://access.redhat.com/errata/RHSA-2021:0156", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0156.json", }, ], title: "Red Hat Security Advisory: dnsmasq security update", tracking: { current_release_date: "2024-11-15T07:27:34+00:00", generator: { date: "2024-11-15T07:27:34+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0156", initial_release_date: "2021-01-19T13:40:12+00:00", revision_history: [ { date: "2021-01-19T13:40:12+00:00", number: "1", summary: "Initial version", }, { date: "2021-01-19T13:40:12+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T07:27:34+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Server AUS (v. 7.4)", product: { name: "Red Hat Enterprise Linux Server AUS (v. 7.4)", product_id: "7Server-7.4.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_aus:7.4::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional AUS (v. 7.4)", product: { name: "Red Hat Enterprise Linux Server Optional AUS (v. 7.4)", product_id: "7Server-optional-7.4.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_aus:7.4::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server E4S (v. 7.4)", product: { name: "Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_e4s:7.4::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", product: { name: "Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", product_id: "7Server-optional-7.4.E4S", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_e4s:7.4::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server TUS (v. 7.4)", product: { name: "Red Hat Enterprise Linux Server TUS (v. 7.4)", product_id: "7Server-7.4.TUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_tus:7.4::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional TUS (v. 7.4)", product: { name: "Red Hat Enterprise Linux Server Optional TUS (v. 7.4)", product_id: "7Server-optional-7.4.TUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_tus:7.4::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-2.el7_4.3.src", product: { name: "dnsmasq-0:2.76-2.el7_4.3.src", product_id: "dnsmasq-0:2.76-2.el7_4.3.src", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-2.el7_4.3?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-2.el7_4.3.x86_64", product: { name: "dnsmasq-0:2.76-2.el7_4.3.x86_64", product_id: "dnsmasq-0:2.76-2.el7_4.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-2.el7_4.3?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", product: { name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", product_id: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-2.el7_4.3?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", product: { name: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", product_id: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-2.el7_4.3?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-2.el7_4.3.ppc64le", product: { name: "dnsmasq-0:2.76-2.el7_4.3.ppc64le", product_id: "dnsmasq-0:2.76-2.el7_4.3.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-2.el7_4.3?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", product: { name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", product_id: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-2.el7_4.3?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", product: { name: "dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", product_id: "dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-2.el7_4.3?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)", product_id: "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.src", relates_to_product_reference: "7Server-7.4.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)", product_id: "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-7.4.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)", product_id: "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-7.4.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)", product_id: "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-7.4.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.ppc64le", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.src as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.src", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.src as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)", product_id: "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.src", relates_to_product_reference: "7Server-7.4.TUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)", product_id: "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-7.4.TUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)", product_id: "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-7.4.TUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)", product_id: "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-7.4.TUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.src as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.4)", product_id: "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.src", relates_to_product_reference: "7Server-optional-7.4.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.4)", product_id: "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-optional-7.4.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.4)", product_id: "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-optional-7.4.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.4)", product_id: "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-optional-7.4.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.ppc64le as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", product_id: "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.ppc64le", relates_to_product_reference: "7Server-optional-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.src as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", product_id: "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.src", relates_to_product_reference: "7Server-optional-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", product_id: "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-optional-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", product_id: "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", relates_to_product_reference: "7Server-optional-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", product_id: "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-optional-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", product_id: "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", relates_to_product_reference: "7Server-optional-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", product_id: "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-optional-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.src as a component of Red Hat Enterprise Linux Server Optional TUS (v. 7.4)", product_id: "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.src", relates_to_product_reference: "7Server-optional-7.4.TUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional TUS (v. 7.4)", product_id: "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-optional-7.4.TUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional TUS (v. 7.4)", product_id: "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-optional-7.4.TUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional TUS (v. 7.4)", product_id: "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-optional-7.4.TUS", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25684", cwe: { id: "CWE-358", name: "Improperly Implemented Security Check for Standard", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889686", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "RHBZ#1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25684", url: "https://www.cve.org/CVERecord?id=CVE-2020-25684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:40:12+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0156", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default).\n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25685", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889688", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "RHBZ#1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25685", url: "https://www.cve.org/CVERecord?id=CVE-2020-25685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:40:12+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0156", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25686", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1890125", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "RHBZ#1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25686", url: "https://www.cve.org/CVERecord?id=CVE-2020-25686", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:40:12+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0156", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", }, ], }
rhsa-2021_0401
Vulnerability from csaf_redhat
Published
2021-02-03 16:14
Modified
2024-11-15 11:45
Summary
Red Hat Security Advisory: Red Hat Virtualization Host security bug fix and enhancement update [ovirt-4.4.4]
Notes
Topic
An update for imgbased, redhat-release-virtualization-host, and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.
Security Fix(es):
* sudo: Heap buffer overflow in argument parsing (CVE-2021-3156)
* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Previously, the Red Hat Virtualization Host (RHV-H) repository (rhvh-4-for-rhel-8-x86_64-rpms) did not include the libsmbclient package, which is a dependency for the sssd-ad package. Consequently, the sssd-ad package failed to install.
With this update, the libsmbclient is now in the RHV-H repository, and sssd-ad now installs on RHV-H. (BZ#1868967)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for imgbased, redhat-release-virtualization-host, and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. \n\nSecurity Fix(es):\n\n* sudo: Heap buffer overflow in argument parsing (CVE-2021-3156)\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Previously, the Red Hat Virtualization Host (RHV-H) repository (rhvh-4-for-rhel-8-x86_64-rpms) did not include the libsmbclient package, which is a dependency for the sssd-ad package. Consequently, the sssd-ad package failed to install.\n\nWith this update, the libsmbclient is now in the RHV-H repository, and sssd-ad now installs on RHV-H. (BZ#1868967)", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0401", url: "https://access.redhat.com/errata/RHSA-2021:0401", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-002", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-002", }, { category: "external", summary: "1850939", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1850939", }, { category: "external", summary: "1868967", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1868967", }, { category: "external", summary: "1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "1902315", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1902315", }, { category: "external", summary: "1902646", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1902646", }, { category: "external", summary: "1909644", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1909644", }, { category: "external", summary: "1917684", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1917684", }, { category: "external", summary: "1921553", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1921553", }, { category: "external", summary: "1923126", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1923126", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0401.json", }, ], title: "Red Hat Security Advisory: Red Hat Virtualization Host security bug fix and enhancement update [ovirt-4.4.4]", tracking: { current_release_date: "2024-11-15T11:45:58+00:00", generator: { date: "2024-11-15T11:45:58+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0401", initial_release_date: "2021-02-03T16:14:40+00:00", revision_history: [ { date: "2021-02-03T16:14:40+00:00", number: "1", summary: "Initial version", }, { date: "2021-02-03T16:14:40+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T11:45:58+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Virtualization 4 Hypervisor for RHEL 8", product: { name: "Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4", product_identification_helper: { cpe: "cpe:/o:redhat:rhev_hypervisor:4.4::el8", }, }, }, { category: "product_name", name: "RHEL 8-based RHEV-H for RHEV 4 (build requirements)", product: { name: "RHEL 8-based RHEV-H for RHEV 4 (build requirements)", product_id: "8Base-RHV-HypervisorBuild-4", product_identification_helper: { cpe: "cpe:/o:redhat:rhev_hypervisor:4.4::el8", }, }, }, { category: "product_name", name: "Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product: { name: "Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4", product_identification_helper: { cpe: "cpe:/o:redhat:rhev_hypervisor:4.4::el8", }, }, }, ], category: "product_family", name: "Red Hat Virtualization", }, { branches: [ { category: "product_version", name: "libsmbclient-0:4.12.3-12.el8.3.x86_64", product: { name: "libsmbclient-0:4.12.3-12.el8.3.x86_64", product_id: "libsmbclient-0:4.12.3-12.el8.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsmbclient@4.12.3-12.el8.3?arch=x86_64", }, }, }, { category: "product_version", name: "samba-debugsource-0:4.12.3-12.el8.3.x86_64", product: { name: "samba-debugsource-0:4.12.3-12.el8.3.x86_64", product_id: "samba-debugsource-0:4.12.3-12.el8.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/samba-debugsource@4.12.3-12.el8.3?arch=x86_64", }, }, }, { category: "product_version", name: "libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", product: { name: "libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", product_id: "libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsmbclient-debuginfo@4.12.3-12.el8.3?arch=x86_64", }, }, }, { category: "product_version", name: "samba-debuginfo-0:4.12.3-12.el8.3.x86_64", product: { name: "samba-debuginfo-0:4.12.3-12.el8.3.x86_64", product_id: "samba-debuginfo-0:4.12.3-12.el8.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/samba-debuginfo@4.12.3-12.el8.3?arch=x86_64", }, }, }, { category: "product_version", name: "libipa_hbac-0:2.3.0-9.el8.x86_64", product: { name: "libipa_hbac-0:2.3.0-9.el8.x86_64", product_id: "libipa_hbac-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libipa_hbac@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_autofs-0:2.3.0-9.el8.x86_64", product: { name: "libsss_autofs-0:2.3.0-9.el8.x86_64", product_id: "libsss_autofs-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_autofs@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_certmap-0:2.3.0-9.el8.x86_64", product: { name: "libsss_certmap-0:2.3.0-9.el8.x86_64", product_id: "libsss_certmap-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_certmap@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_idmap-0:2.3.0-9.el8.x86_64", product: { name: "libsss_idmap-0:2.3.0-9.el8.x86_64", product_id: "libsss_idmap-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_idmap@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_nss_idmap-0:2.3.0-9.el8.x86_64", product: { name: "libsss_nss_idmap-0:2.3.0-9.el8.x86_64", product_id: "libsss_nss_idmap-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_nss_idmap@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", product: { name: "libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", product_id: "libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_nss_idmap-devel@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_simpleifp-0:2.3.0-9.el8.x86_64", product: { name: "libsss_simpleifp-0:2.3.0-9.el8.x86_64", product_id: "libsss_simpleifp-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_simpleifp@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_sudo-0:2.3.0-9.el8.x86_64", product: { name: "libsss_sudo-0:2.3.0-9.el8.x86_64", product_id: "libsss_sudo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_sudo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "python3-libipa_hbac-0:2.3.0-9.el8.x86_64", product: { name: "python3-libipa_hbac-0:2.3.0-9.el8.x86_64", product_id: "python3-libipa_hbac-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-libipa_hbac@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", product: { name: "python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", product_id: "python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-libsss_nss_idmap@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "python3-sss-0:2.3.0-9.el8.x86_64", product: { name: "python3-sss-0:2.3.0-9.el8.x86_64", product_id: "python3-sss-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-sss@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "python3-sss-murmur-0:2.3.0-9.el8.x86_64", product: { name: "python3-sss-murmur-0:2.3.0-9.el8.x86_64", product_id: "python3-sss-murmur-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-sss-murmur@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-0:2.3.0-9.el8.x86_64", product: { name: "sssd-0:2.3.0-9.el8.x86_64", product_id: "sssd-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-ad-0:2.3.0-9.el8.x86_64", product: { name: "sssd-ad-0:2.3.0-9.el8.x86_64", product_id: "sssd-ad-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-ad@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-client-0:2.3.0-9.el8.x86_64", product: { name: "sssd-client-0:2.3.0-9.el8.x86_64", product_id: "sssd-client-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-client@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-common-0:2.3.0-9.el8.x86_64", product: { name: "sssd-common-0:2.3.0-9.el8.x86_64", product_id: "sssd-common-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-common@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-common-pac-0:2.3.0-9.el8.x86_64", product: { name: "sssd-common-pac-0:2.3.0-9.el8.x86_64", product_id: "sssd-common-pac-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-common-pac@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-dbus-0:2.3.0-9.el8.x86_64", product: { name: "sssd-dbus-0:2.3.0-9.el8.x86_64", product_id: "sssd-dbus-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-dbus@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-ipa-0:2.3.0-9.el8.x86_64", product: { name: "sssd-ipa-0:2.3.0-9.el8.x86_64", product_id: "sssd-ipa-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-ipa@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-kcm-0:2.3.0-9.el8.x86_64", product: { name: "sssd-kcm-0:2.3.0-9.el8.x86_64", product_id: "sssd-kcm-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-kcm@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-krb5-0:2.3.0-9.el8.x86_64", product: { name: "sssd-krb5-0:2.3.0-9.el8.x86_64", product_id: "sssd-krb5-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-krb5@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-krb5-common-0:2.3.0-9.el8.x86_64", product: { name: "sssd-krb5-common-0:2.3.0-9.el8.x86_64", product_id: "sssd-krb5-common-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-krb5-common@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-ldap-0:2.3.0-9.el8.x86_64", product: { name: "sssd-ldap-0:2.3.0-9.el8.x86_64", product_id: "sssd-ldap-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-ldap@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-libwbclient-0:2.3.0-9.el8.x86_64", product: { name: "sssd-libwbclient-0:2.3.0-9.el8.x86_64", product_id: "sssd-libwbclient-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-libwbclient@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", product: { name: "sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", product_id: "sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-nfs-idmap@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-polkit-rules-0:2.3.0-9.el8.x86_64", product: { name: "sssd-polkit-rules-0:2.3.0-9.el8.x86_64", product_id: "sssd-polkit-rules-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-polkit-rules@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-proxy-0:2.3.0-9.el8.x86_64", product: { name: "sssd-proxy-0:2.3.0-9.el8.x86_64", product_id: "sssd-proxy-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-proxy@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-tools-0:2.3.0-9.el8.x86_64", product: { name: "sssd-tools-0:2.3.0-9.el8.x86_64", product_id: "sssd-tools-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-tools@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", product: { name: "sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", product_id: "sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-winbind-idmap@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-debugsource-0:2.3.0-9.el8.x86_64", product: { name: "sssd-debugsource-0:2.3.0-9.el8.x86_64", product_id: "sssd-debugsource-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-debugsource@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libipa_hbac-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_autofs-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_certmap-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_idmap-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_nss_idmap-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_simpleifp-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_sudo-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-libipa_hbac-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-libsss_nss_idmap-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-sss-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-sss-murmur-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-ad-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-client-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-common-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-common-pac-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-dbus-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-ipa-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-kcm-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-krb5-common-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-krb5-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-ldap-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-libwbclient-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-nfs-idmap-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-proxy-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-tools-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-winbind-idmap-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", product: { name: "redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", product_id: "redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/redhat-release-virtualization-host@4.4.4-1.el8ev?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "samba-0:4.12.3-12.el8.3.src", product: { name: "samba-0:4.12.3-12.el8.3.src", product_id: "samba-0:4.12.3-12.el8.3.src", product_identification_helper: { purl: "pkg:rpm/redhat/samba@4.12.3-12.el8.3?arch=src", }, }, }, { category: "product_version", name: "sssd-0:2.3.0-9.el8.src", product: { name: "sssd-0:2.3.0-9.el8.src", product_id: "sssd-0:2.3.0-9.el8.src", product_identification_helper: { purl: "pkg:rpm/redhat/sssd@2.3.0-9.el8?arch=src", }, }, }, { category: "product_version", name: "redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", product: { name: "redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", product_id: "redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/redhat-release-virtualization-host@4.4.4-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "cockpit-ovirt-0:0.14.17-1.el8ev.src", product: { name: "cockpit-ovirt-0:0.14.17-1.el8ev.src", product_id: "cockpit-ovirt-0:0.14.17-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/cockpit-ovirt@0.14.17-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "imgbased-0:1.2.16-0.1.el8ev.src", product: { name: "imgbased-0:1.2.16-0.1.el8ev.src", product_id: "imgbased-0:1.2.16-0.1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/imgbased@1.2.16-0.1.el8ev?arch=src", }, }, }, { category: "product_version", name: "redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", product: { name: "redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", product_id: "redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", product_identification_helper: { purl: "pkg:rpm/redhat/redhat-virtualization-host@4.4.4-20210201.0.el8_3?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "python3-sssdconfig-0:2.3.0-9.el8.noarch", product: { name: "python3-sssdconfig-0:2.3.0-9.el8.noarch", product_id: "python3-sssdconfig-0:2.3.0-9.el8.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3-sssdconfig@2.3.0-9.el8?arch=noarch", }, }, }, { category: "product_version", name: "redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", product: { name: "redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", product_id: "redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/redhat-virtualization-host-image-update-placeholder@4.4.4-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", product: { name: "cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", product_id: "cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/cockpit-ovirt-dashboard@0.14.17-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "imgbased-0:1.2.16-0.1.el8ev.noarch", product: { name: "imgbased-0:1.2.16-0.1.el8ev.noarch", product_id: "imgbased-0:1.2.16-0.1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/imgbased@1.2.16-0.1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "python3-imgbased-0:1.2.16-0.1.el8ev.noarch", product: { name: "python3-imgbased-0:1.2.16-0.1.el8ev.noarch", product_id: "python3-imgbased-0:1.2.16-0.1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3-imgbased@1.2.16-0.1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", product: { name: "redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", product_id: "redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/redhat-virtualization-host-image-update@4.4.4-20210201.0.el8_3?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "cockpit-ovirt-0:0.14.17-1.el8ev.src as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", }, product_reference: "cockpit-ovirt-0:0.14.17-1.el8ev.src", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", }, product_reference: "cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "libipa_hbac-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", }, product_reference: "libipa_hbac-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsmbclient-0:4.12.3-12.el8.3.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", }, product_reference: "libsmbclient-0:4.12.3-12.el8.3.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", }, product_reference: "libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_autofs-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_autofs-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_certmap-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_certmap-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_idmap-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_idmap-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_nss_idmap-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_nss_idmap-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_simpleifp-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_simpleifp-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_sudo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_sudo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "python3-libipa_hbac-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", }, product_reference: "python3-libipa_hbac-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", }, product_reference: "python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "python3-sss-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", }, product_reference: "python3-sss-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "python3-sss-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "python3-sss-murmur-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", }, product_reference: "python3-sss-murmur-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "python3-sssdconfig-0:2.3.0-9.el8.noarch as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", }, product_reference: "python3-sssdconfig-0:2.3.0-9.el8.noarch", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", }, product_reference: "redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", }, product_reference: "redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "samba-0:4.12.3-12.el8.3.src as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", }, product_reference: "samba-0:4.12.3-12.el8.3.src", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "samba-debuginfo-0:4.12.3-12.el8.3.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", }, product_reference: "samba-debuginfo-0:4.12.3-12.el8.3.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "samba-debugsource-0:4.12.3-12.el8.3.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", }, product_reference: "samba-debugsource-0:4.12.3-12.el8.3.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-0:2.3.0-9.el8.src as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", }, product_reference: "sssd-0:2.3.0-9.el8.src", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-ad-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-ad-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-client-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-client-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-client-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-common-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-common-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-common-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-common-pac-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-common-pac-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-dbus-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-dbus-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-debugsource-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-debugsource-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-ipa-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-ipa-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-kcm-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-kcm-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-krb5-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-krb5-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-krb5-common-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-krb5-common-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-ldap-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-ldap-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-libwbclient-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-libwbclient-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-nfs-idmap-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-polkit-rules-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-polkit-rules-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-proxy-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-proxy-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-tools-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-tools-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-winbind-idmap-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "imgbased-0:1.2.16-0.1.el8ev.noarch as a component of RHEL 8-based RHEV-H for RHEV 4 (build requirements)", product_id: "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", }, product_reference: "imgbased-0:1.2.16-0.1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-HypervisorBuild-4", }, { category: "default_component_of", full_product_name: { name: "imgbased-0:1.2.16-0.1.el8ev.src as a component of RHEL 8-based RHEV-H for RHEV 4 (build requirements)", product_id: "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", }, product_reference: "imgbased-0:1.2.16-0.1.el8ev.src", relates_to_product_reference: "8Base-RHV-HypervisorBuild-4", }, { category: "default_component_of", full_product_name: { name: "python3-imgbased-0:1.2.16-0.1.el8ev.noarch as a component of RHEL 8-based RHEV-H for RHEV 4 (build requirements)", product_id: "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", }, product_reference: "python3-imgbased-0:1.2.16-0.1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-HypervisorBuild-4", }, { category: "default_component_of", full_product_name: { name: "redhat-release-virtualization-host-0:4.4.4-1.el8ev.src as a component of RHEL 8-based RHEV-H for RHEV 4 (build requirements)", product_id: "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", }, product_reference: "redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", relates_to_product_reference: "8Base-RHV-HypervisorBuild-4", }, { category: "default_component_of", full_product_name: { name: "redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64 as a component of RHEL 8-based RHEV-H for RHEV 4 (build requirements)", product_id: "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", }, product_reference: "redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-HypervisorBuild-4", }, { category: "default_component_of", full_product_name: { name: "redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch as a component of RHEL 8-based RHEV-H for RHEV 4 (build requirements)", product_id: "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", }, product_reference: "redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-HypervisorBuild-4", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25684", cwe: { id: "CWE-358", name: "Improperly Implemented Security Check for Standard", }, discovery_date: "2020-09-03T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889686", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], known_not_affected: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "RHBZ#1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25684", url: "https://www.cve.org/CVERecord?id=CVE-2020-25684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-03T16:14:40+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891\n\nAfter installing this update, the smb service will be restarted automatically.", product_ids: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0401", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default).\n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25685", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, discovery_date: "2020-09-03T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889688", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], known_not_affected: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "RHBZ#1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25685", url: "https://www.cve.org/CVERecord?id=CVE-2020-25685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-03T16:14:40+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891\n\nAfter installing this update, the smb service will be restarted automatically.", product_ids: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0401", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25686", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, discovery_date: "2020-09-03T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1890125", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], known_not_affected: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "RHBZ#1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25686", url: "https://www.cve.org/CVERecord?id=CVE-2020-25686", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-03T16:14:40+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891\n\nAfter installing this update, the smb service will be restarted automatically.", product_ids: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0401", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", }, { cve: "CVE-2021-3156", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2021-01-19T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1917684", }, ], notes: [ { category: "description", text: "A flaw was found in sudo. A heap-based buffer overflow was found in the way sudo parses command line arguments. This flaw is exploitable by any local user who can execute the sudo command (by default, any local user can execute sudo) without authentication. Successful exploitation of this flaw could lead to privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "sudo: Heap buffer overflow in argument parsing", title: "Vulnerability summary", }, { category: "other", text: "This flaw does not affect the versions of sudo shipped with Red Hat Enterprise Linux 5, because the vulnerable code was not present in these versions.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], known_not_affected: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-3156", }, { category: "external", summary: "RHBZ#1917684", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1917684", }, { category: "external", summary: "RHSB-2021-002", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-002", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-3156", url: "https://www.cve.org/CVERecord?id=CVE-2021-3156", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-3156", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-3156", }, { category: "external", summary: "https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt", url: "https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt", }, { category: "external", summary: "https://www.sudo.ws/alerts/unescape_overflow.html", url: "https://www.sudo.ws/alerts/unescape_overflow.html", }, { category: "external", summary: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, ], release_date: "2021-01-26T18:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-03T16:14:40+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891\n\nAfter installing this update, the smb service will be restarted automatically.", product_ids: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0401", }, { category: "workaround", details: "Red Hat Product Security strongly recommends customers to update to fixed sudo packages once they are available. For customers who cannot update immediately, the following interim partial mitigation using systemtap is suggested:\n\n1. Install required systemtap packages and dependencies: \n```\nsystemtap yum-utils kernel-devel-\"$(uname -r)\"\n```\n\nThen for RHEL 7 install kernel debuginfo, using:\n```\ndebuginfo-install -y kernel-\"$(uname -r)\" \n```\nThen for RHEL 8 & 6 install sudo debuginfo, using:\n```\ndebuginfo-install sudo\n```\n \n2. Create the following systemtap script: (call the file as sudoedit-block.stap)\n```\nprobe process(\"/usr/bin/sudo\").function(\"main\") {\n command = cmdline_args(0,0,\"\");\n if (isinstr(command, \"edit\")) {\n raise(9);\n }\n}\n```\n3. Install the script using the following command: (using root)\n```\n# nohup stap -g sudoedit-block.stap &\n```\n(This should output the PID number of the systemtap script)\n\nThis script will cause the vulnerable sudoedit binary to stop working. The sudo command will still work as usual.\nThe above change does not persist across reboots and must be applied after each reboot.\n\nPlease consult How to make a systemtap kernel module load persistently across reboots? (https://access.redhat.com/solutions/5752521) to learn how to\nturn this into a service managed by initd. \n\n4. Once the new fixed packages are installed, the systemtap script can be removed by killing the systemtap process. For example, by using:\n```\n# kill -s SIGTERM 7590\n```\n(where 7590 is the PID of the systemtap process)", product_ids: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], }, ], threats: [ { category: "exploit_status", date: "2022-04-06T00:00:00+00:00", details: "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { category: "impact", details: "Important", }, ], title: "sudo: Heap buffer overflow in argument parsing", }, ], }
rhsa-2021:0156
Vulnerability from csaf_redhat
Published
2021-01-19 13:40
Modified
2024-11-15 07:27
Summary
Red Hat Security Advisory: dnsmasq security update
Notes
Topic
An update for dnsmasq is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.
Security Fix(es):
* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for dnsmasq is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.\n\nSecurity Fix(es):\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0156", url: "https://access.redhat.com/errata/RHSA-2021:0156", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0156.json", }, ], title: "Red Hat Security Advisory: dnsmasq security update", tracking: { current_release_date: "2024-11-15T07:27:34+00:00", generator: { date: "2024-11-15T07:27:34+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0156", initial_release_date: "2021-01-19T13:40:12+00:00", revision_history: [ { date: "2021-01-19T13:40:12+00:00", number: "1", summary: "Initial version", }, { date: "2021-01-19T13:40:12+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T07:27:34+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Server AUS (v. 7.4)", product: { name: "Red Hat Enterprise Linux Server AUS (v. 7.4)", product_id: "7Server-7.4.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_aus:7.4::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional AUS (v. 7.4)", product: { name: "Red Hat Enterprise Linux Server Optional AUS (v. 7.4)", product_id: "7Server-optional-7.4.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_aus:7.4::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server E4S (v. 7.4)", product: { name: "Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_e4s:7.4::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", product: { name: "Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", product_id: "7Server-optional-7.4.E4S", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_e4s:7.4::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server TUS (v. 7.4)", product: { name: "Red Hat Enterprise Linux Server TUS (v. 7.4)", product_id: "7Server-7.4.TUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_tus:7.4::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional TUS (v. 7.4)", product: { name: "Red Hat Enterprise Linux Server Optional TUS (v. 7.4)", product_id: "7Server-optional-7.4.TUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_tus:7.4::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-2.el7_4.3.src", product: { name: "dnsmasq-0:2.76-2.el7_4.3.src", product_id: "dnsmasq-0:2.76-2.el7_4.3.src", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-2.el7_4.3?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-2.el7_4.3.x86_64", product: { name: "dnsmasq-0:2.76-2.el7_4.3.x86_64", product_id: "dnsmasq-0:2.76-2.el7_4.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-2.el7_4.3?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", product: { name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", product_id: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-2.el7_4.3?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", product: { name: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", product_id: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-2.el7_4.3?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-2.el7_4.3.ppc64le", product: { name: "dnsmasq-0:2.76-2.el7_4.3.ppc64le", product_id: "dnsmasq-0:2.76-2.el7_4.3.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-2.el7_4.3?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", product: { name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", product_id: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-2.el7_4.3?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", product: { name: "dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", product_id: "dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-2.el7_4.3?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)", product_id: "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.src", relates_to_product_reference: "7Server-7.4.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)", product_id: "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-7.4.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)", product_id: "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-7.4.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)", product_id: "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-7.4.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.ppc64le", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.src as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.src", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.src as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)", product_id: "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.src", relates_to_product_reference: "7Server-7.4.TUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)", product_id: "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-7.4.TUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)", product_id: "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-7.4.TUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)", product_id: "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-7.4.TUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.src as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.4)", product_id: "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.src", relates_to_product_reference: "7Server-optional-7.4.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.4)", product_id: "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-optional-7.4.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.4)", product_id: "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-optional-7.4.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.4)", product_id: "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-optional-7.4.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.ppc64le as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", product_id: "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.ppc64le", relates_to_product_reference: "7Server-optional-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.src as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", product_id: "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.src", relates_to_product_reference: "7Server-optional-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", product_id: "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-optional-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", product_id: "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", relates_to_product_reference: "7Server-optional-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", product_id: "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-optional-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", product_id: "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", relates_to_product_reference: "7Server-optional-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional E4S (v. 7.4)", product_id: "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-optional-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.src as a component of Red Hat Enterprise Linux Server Optional TUS (v. 7.4)", product_id: "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.src", relates_to_product_reference: "7Server-optional-7.4.TUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional TUS (v. 7.4)", product_id: "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-optional-7.4.TUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional TUS (v. 7.4)", product_id: "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-optional-7.4.TUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional TUS (v. 7.4)", product_id: "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", relates_to_product_reference: "7Server-optional-7.4.TUS", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25684", cwe: { id: "CWE-358", name: "Improperly Implemented Security Check for Standard", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889686", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "RHBZ#1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25684", url: "https://www.cve.org/CVERecord?id=CVE-2020-25684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:40:12+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0156", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default).\n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25685", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889688", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "RHBZ#1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25685", url: "https://www.cve.org/CVERecord?id=CVE-2020-25685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:40:12+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0156", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25686", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1890125", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "RHBZ#1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25686", url: "https://www.cve.org/CVERecord?id=CVE-2020-25686", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:40:12+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0156", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.AUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.AUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.E4S:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.ppc64le", "7Server-optional-7.4.E4S:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.src", "7Server-optional-7.4.TUS:dnsmasq-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-debuginfo-0:2.76-2.el7_4.3.x86_64", "7Server-optional-7.4.TUS:dnsmasq-utils-0:2.76-2.el7_4.3.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", }, ], }
rhsa-2021_0154
Vulnerability from csaf_redhat
Published
2021-01-19 14:11
Modified
2024-11-15 07:27
Summary
Red Hat Security Advisory: dnsmasq security update
Notes
Topic
An update for dnsmasq is now available for Red Hat Enterprise Linux 7.7 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.
Security Fix(es):
* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for dnsmasq is now available for Red Hat Enterprise Linux 7.7 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.\n\nSecurity Fix(es):\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0154", url: "https://access.redhat.com/errata/RHSA-2021:0154", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0154.json", }, ], title: "Red Hat Security Advisory: dnsmasq security update", tracking: { current_release_date: "2024-11-15T07:27:27+00:00", generator: { date: "2024-11-15T07:27:27+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0154", initial_release_date: "2021-01-19T14:11:04+00:00", revision_history: [ { date: "2021-01-19T14:11:04+00:00", number: "1", summary: "Initial version", }, { date: "2021-01-19T14:11:04+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T07:27:27+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product: { name: "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product: { name: "Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server EUS (v. 7.7)", product: { name: "Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product: { name: "Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.7::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-10.el7_7.2.src", product: { name: "dnsmasq-0:2.76-10.el7_7.2.src", product_id: "dnsmasq-0:2.76-10.el7_7.2.src", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-10.el7_7.2?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-10.el7_7.2.x86_64", product: { name: "dnsmasq-0:2.76-10.el7_7.2.x86_64", product_id: "dnsmasq-0:2.76-10.el7_7.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-10.el7_7.2?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", product: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", product_id: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-10.el7_7.2?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", product: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", product_id: "dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-10.el7_7.2?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-10.el7_7.2.ppc64le", product: { name: "dnsmasq-0:2.76-10.el7_7.2.ppc64le", product_id: "dnsmasq-0:2.76-10.el7_7.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-10.el7_7.2?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", product: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", product_id: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-10.el7_7.2?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", product: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", product_id: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-10.el7_7.2?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-10.el7_7.2.ppc64", product: { name: "dnsmasq-0:2.76-10.el7_7.2.ppc64", product_id: "dnsmasq-0:2.76-10.el7_7.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-10.el7_7.2?arch=ppc64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", product: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", product_id: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-10.el7_7.2?arch=ppc64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", product: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", product_id: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-10.el7_7.2?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-10.el7_7.2.s390x", product: { name: "dnsmasq-0:2.76-10.el7_7.2.s390x", product_id: "dnsmasq-0:2.76-10.el7_7.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-10.el7_7.2?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", product: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", product_id: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-10.el7_7.2?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.76-10.el7_7.2.s390x", product: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.s390x", product_id: "dnsmasq-utils-0:2.76-10.el7_7.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-10.el7_7.2?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.src as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.src", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.src as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.src", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.src as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.src", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.src as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.src", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25684", cwe: { id: "CWE-358", name: "Improperly Implemented Security Check for Standard", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889686", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "RHBZ#1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25684", url: "https://www.cve.org/CVERecord?id=CVE-2020-25684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T14:11:04+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0154", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default).\n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25685", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889688", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "RHBZ#1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25685", url: "https://www.cve.org/CVERecord?id=CVE-2020-25685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T14:11:04+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0154", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25686", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1890125", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "RHBZ#1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25686", url: "https://www.cve.org/CVERecord?id=CVE-2020-25686", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T14:11:04+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0154", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", }, ], }
rhsa-2021_0395
Vulnerability from csaf_redhat
Published
2021-02-03 10:39
Modified
2024-11-15 11:45
Summary
Red Hat Security Advisory: RHV-H security, bug fix, enhancement update (redhat-virtualization-host) 4.3.13
Notes
Topic
An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.
Security Fix(es):
* sudo: Heap buffer overflow in argument parsing (CVE-2021-3156)
* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* When performing an upgrade of the Red Hat Virtualization Host using the command `yum update`, the yum repository for RHV 4.3 EUS is unreachable
As a workaround, run the following command:
`# yum update --releasever=7Server` (BZ#1899378)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.\n\nSecurity Fix(es):\n\n* sudo: Heap buffer overflow in argument parsing (CVE-2021-3156)\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* When performing an upgrade of the Red Hat Virtualization Host using the command `yum update`, the yum repository for RHV 4.3 EUS is unreachable\n\nAs a workaround, run the following command:\n`# yum update --releasever=7Server` (BZ#1899378)", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0395", url: "https://access.redhat.com/errata/RHSA-2021:0395", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-002", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-002", }, { category: "external", summary: "1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "1899378", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1899378", }, { category: "external", summary: "1916111", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1916111", }, { category: "external", summary: "1917684", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1917684", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0395.json", }, ], title: "Red Hat Security Advisory: RHV-H security, bug fix, enhancement update (redhat-virtualization-host) 4.3.13", tracking: { current_release_date: "2024-11-15T11:45:51+00:00", generator: { date: "2024-11-15T11:45:51+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0395", initial_release_date: "2021-02-03T10:39:04+00:00", revision_history: [ { date: "2021-02-03T10:39:04+00:00", number: "1", summary: "Initial version", }, { date: "2021-02-03T10:39:04+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T11:45:51+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product: { name: "Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::hypervisor", }, }, }, { category: "product_name", name: "RHEL 7-based RHEV-H for RHEV 4 (build requirements)", product: { name: "RHEL 7-based RHEV-H for RHEV 4 (build requirements)", product_id: "7Server-RHEV-4-HypervisorBuild-7", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::hypervisor", }, }, }, { category: "product_name", name: "Red Hat Virtualization 4 Hypervisor for RHEL 7", product: { name: "Red Hat Virtualization 4 Hypervisor for RHEL 7", product_id: "7Server-RHEV-4-Hypervisor-7", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::hypervisor", }, }, }, ], category: "product_family", name: "Red Hat Virtualization", }, { branches: [ { category: "product_version", name: "vdsm-0:4.30.51-1.el7ev.src", product: { name: "vdsm-0:4.30.51-1.el7ev.src", product_id: "vdsm-0:4.30.51-1.el7ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm@4.30.51-1.el7ev?arch=src", }, }, }, { category: "product_version", name: "redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", product: { name: "redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", product_id: "redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/redhat-release-virtualization-host@4.3.13-2.el7ev?arch=src", }, }, }, { category: "product_version", name: "redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", product: { name: "redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", product_id: "redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", product_identification_helper: { purl: "pkg:rpm/redhat/redhat-virtualization-host@4.3.13-20210127.0.el7_9?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "vdsm-0:4.30.51-1.el7ev.x86_64", product: { name: "vdsm-0:4.30.51-1.el7ev.x86_64", product_id: "vdsm-0:4.30.51-1.el7ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm@4.30.51-1.el7ev?arch=x86_64", }, }, }, { category: "product_version", name: "vdsm-gluster-0:4.30.51-1.el7ev.x86_64", product: { name: "vdsm-gluster-0:4.30.51-1.el7ev.x86_64", product_id: "vdsm-gluster-0:4.30.51-1.el7ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-gluster@4.30.51-1.el7ev?arch=x86_64", }, }, }, { category: "product_version", name: "vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", product: { name: "vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", product_id: "vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-checkips@4.30.51-1.el7ev?arch=x86_64", }, }, }, { category: "product_version", name: "vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", product: { name: "vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", product_id: "vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-extra-ipv4-addrs@4.30.51-1.el7ev?arch=x86_64", }, }, }, { category: "product_version", name: "vdsm-network-0:4.30.51-1.el7ev.x86_64", product: { name: "vdsm-network-0:4.30.51-1.el7ev.x86_64", product_id: "vdsm-network-0:4.30.51-1.el7ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-network@4.30.51-1.el7ev?arch=x86_64", }, }, }, { category: "product_version", name: "redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", product: { name: "redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", product_id: "redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/redhat-release-virtualization-host@4.3.13-2.el7ev?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "vdsm-0:4.30.51-1.el7ev.ppc64le", product: { name: "vdsm-0:4.30.51-1.el7ev.ppc64le", product_id: "vdsm-0:4.30.51-1.el7ev.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm@4.30.51-1.el7ev?arch=ppc64le", }, }, }, { category: "product_version", name: "vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", product: { name: "vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", product_id: "vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-gluster@4.30.51-1.el7ev?arch=ppc64le", }, }, }, { category: "product_version", name: "vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", product: { name: "vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", product_id: "vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-checkips@4.30.51-1.el7ev?arch=ppc64le", }, }, }, { category: "product_version", name: "vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", product: { name: "vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", product_id: "vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-extra-ipv4-addrs@4.30.51-1.el7ev?arch=ppc64le", }, }, }, { category: "product_version", name: "vdsm-network-0:4.30.51-1.el7ev.ppc64le", product: { name: "vdsm-network-0:4.30.51-1.el7ev.ppc64le", product_id: "vdsm-network-0:4.30.51-1.el7ev.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-network@4.30.51-1.el7ev?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "vdsm-api-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-api-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-api-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-api@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-client-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-client-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-client-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-client@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-common-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-common-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-common-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-common@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-cpuflags@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-ethtool-options@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-fcoe@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-localdisk@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-macspoof@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-nestedvt@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-openstacknet@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-vhostmd@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-hook-vmfex-dev@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-http-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-http-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-http-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-http@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-jsonrpc@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-python-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-python-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-python-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-python@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", product: { name: "vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", product_id: "vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-yajsonrpc@4.30.51-1.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", product: { name: "redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", product_id: "redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/redhat-virtualization-host-image-update-placeholder@4.3.13-2.el7ev?arch=noarch", }, }, }, { category: "product_version", name: "redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", product: { name: "redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", product_id: "redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/redhat-virtualization-host-image-update@4.3.13-20210127.0.el7_9?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "vdsm-0:4.30.51-1.el7ev.ppc64le as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", }, product_reference: "vdsm-0:4.30.51-1.el7ev.ppc64le", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-0:4.30.51-1.el7ev.src as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", }, product_reference: "vdsm-0:4.30.51-1.el7ev.src", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-0:4.30.51-1.el7ev.x86_64 as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", }, product_reference: "vdsm-0:4.30.51-1.el7ev.x86_64", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-api-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-api-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-client-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-client-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-common-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-common-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-gluster-0:4.30.51-1.el7ev.ppc64le as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", }, product_reference: "vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-gluster-0:4.30.51-1.el7ev.x86_64 as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", }, product_reference: "vdsm-gluster-0:4.30.51-1.el7ev.x86_64", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", }, product_reference: "vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64 as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", }, product_reference: "vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", }, product_reference: "vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64 as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", }, product_reference: "vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-http-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-http-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-network-0:4.30.51-1.el7ev.ppc64le as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", }, product_reference: "vdsm-network-0:4.30.51-1.el7ev.ppc64le", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-network-0:4.30.51-1.el7ev.x86_64 as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", }, product_reference: "vdsm-network-0:4.30.51-1.el7ev.x86_64", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-python-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-python-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", }, product_reference: "vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-Agents-7", }, { category: "default_component_of", full_product_name: { name: "redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src as a component of Red Hat Virtualization 4 Hypervisor for RHEL 7", product_id: "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", }, product_reference: "redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", relates_to_product_reference: "7Server-RHEV-4-Hypervisor-7", }, { category: "default_component_of", full_product_name: { name: "redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch as a component of Red Hat Virtualization 4 Hypervisor for RHEL 7", product_id: "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", }, product_reference: "redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", relates_to_product_reference: "7Server-RHEV-4-Hypervisor-7", }, { category: "default_component_of", full_product_name: { name: "redhat-release-virtualization-host-0:4.3.13-2.el7ev.src as a component of RHEL 7-based RHEV-H for RHEV 4 (build requirements)", product_id: "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", }, product_reference: "redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", relates_to_product_reference: "7Server-RHEV-4-HypervisorBuild-7", }, { category: "default_component_of", full_product_name: { name: "redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64 as a component of RHEL 7-based RHEV-H for RHEV 4 (build requirements)", product_id: "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", }, product_reference: "redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", relates_to_product_reference: "7Server-RHEV-4-HypervisorBuild-7", }, { category: "default_component_of", full_product_name: { name: "redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src as a component of RHEL 7-based RHEV-H for RHEV 4 (build requirements)", product_id: "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", }, product_reference: "redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", relates_to_product_reference: "7Server-RHEV-4-HypervisorBuild-7", }, { category: "default_component_of", full_product_name: { name: "redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch as a component of RHEL 7-based RHEV-H for RHEV 4 (build requirements)", product_id: "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", }, product_reference: "redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", relates_to_product_reference: "7Server-RHEV-4-HypervisorBuild-7", }, { category: "default_component_of", full_product_name: { name: "redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch as a component of RHEL 7-based RHEV-H for RHEV 4 (build requirements)", product_id: "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", }, product_reference: "redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", relates_to_product_reference: "7Server-RHEV-4-HypervisorBuild-7", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25684", cwe: { id: "CWE-358", name: "Improperly Implemented Security Check for Standard", }, discovery_date: "2020-09-03T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889686", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], known_not_affected: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "RHBZ#1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25684", url: "https://www.cve.org/CVERecord?id=CVE-2020-25684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-03T10:39:04+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0395", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default).\n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25685", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, discovery_date: "2020-09-03T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889688", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], known_not_affected: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "RHBZ#1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25685", url: "https://www.cve.org/CVERecord?id=CVE-2020-25685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-03T10:39:04+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0395", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25686", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, discovery_date: "2020-09-03T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1890125", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], known_not_affected: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "RHBZ#1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25686", url: "https://www.cve.org/CVERecord?id=CVE-2020-25686", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-03T10:39:04+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0395", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", }, { cve: "CVE-2021-3156", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2021-01-19T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1917684", }, ], notes: [ { category: "description", text: "A flaw was found in sudo. A heap-based buffer overflow was found in the way sudo parses command line arguments. This flaw is exploitable by any local user who can execute the sudo command (by default, any local user can execute sudo) without authentication. Successful exploitation of this flaw could lead to privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "sudo: Heap buffer overflow in argument parsing", title: "Vulnerability summary", }, { category: "other", text: "This flaw does not affect the versions of sudo shipped with Red Hat Enterprise Linux 5, because the vulnerable code was not present in these versions.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], known_not_affected: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-3156", }, { category: "external", summary: "RHBZ#1917684", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1917684", }, { category: "external", summary: "RHSB-2021-002", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-002", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-3156", url: "https://www.cve.org/CVERecord?id=CVE-2021-3156", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-3156", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-3156", }, { category: "external", summary: "https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt", url: "https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt", }, { category: "external", summary: "https://www.sudo.ws/alerts/unescape_overflow.html", url: "https://www.sudo.ws/alerts/unescape_overflow.html", }, { category: "external", summary: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, ], release_date: "2021-01-26T18:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-03T10:39:04+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0395", }, { category: "workaround", details: "Red Hat Product Security strongly recommends customers to update to fixed sudo packages once they are available. For customers who cannot update immediately, the following interim partial mitigation using systemtap is suggested:\n\n1. Install required systemtap packages and dependencies: \n```\nsystemtap yum-utils kernel-devel-\"$(uname -r)\"\n```\n\nThen for RHEL 7 install kernel debuginfo, using:\n```\ndebuginfo-install -y kernel-\"$(uname -r)\" \n```\nThen for RHEL 8 & 6 install sudo debuginfo, using:\n```\ndebuginfo-install sudo\n```\n \n2. Create the following systemtap script: (call the file as sudoedit-block.stap)\n```\nprobe process(\"/usr/bin/sudo\").function(\"main\") {\n command = cmdline_args(0,0,\"\");\n if (isinstr(command, \"edit\")) {\n raise(9);\n }\n}\n```\n3. Install the script using the following command: (using root)\n```\n# nohup stap -g sudoedit-block.stap &\n```\n(This should output the PID number of the systemtap script)\n\nThis script will cause the vulnerable sudoedit binary to stop working. The sudo command will still work as usual.\nThe above change does not persist across reboots and must be applied after each reboot.\n\nPlease consult How to make a systemtap kernel module load persistently across reboots? (https://access.redhat.com/solutions/5752521) to learn how to\nturn this into a service managed by initd. \n\n4. Once the new fixed packages are installed, the systemtap script can be removed by killing the systemtap process. For example, by using:\n```\n# kill -s SIGTERM 7590\n```\n(where 7590 is the PID of the systemtap process)", product_ids: [ "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.src", "7Server-RHEV-4-Agents-7:vdsm-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-api-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-client-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-common-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-http-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.ppc64le", "7Server-RHEV-4-Agents-7:vdsm-network-0:4.30.51-1.el7ev.x86_64", "7Server-RHEV-4-Agents-7:vdsm-python-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.30.51-1.el7ev.noarch", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.13-2.el7ev.x86_64", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.13-2.el7ev.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.13-20210127.0.el7_9.src", "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.13-20210127.0.el7_9.noarch", ], }, ], threats: [ { category: "exploit_status", date: "2022-04-06T00:00:00+00:00", details: "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { category: "impact", details: "Important", }, ], title: "sudo: Heap buffer overflow in argument parsing", }, ], }
rhsa-2021:0401
Vulnerability from csaf_redhat
Published
2021-02-03 16:14
Modified
2024-11-15 11:45
Summary
Red Hat Security Advisory: Red Hat Virtualization Host security bug fix and enhancement update [ovirt-4.4.4]
Notes
Topic
An update for imgbased, redhat-release-virtualization-host, and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.
Security Fix(es):
* sudo: Heap buffer overflow in argument parsing (CVE-2021-3156)
* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Previously, the Red Hat Virtualization Host (RHV-H) repository (rhvh-4-for-rhel-8-x86_64-rpms) did not include the libsmbclient package, which is a dependency for the sssd-ad package. Consequently, the sssd-ad package failed to install.
With this update, the libsmbclient is now in the RHV-H repository, and sssd-ad now installs on RHV-H. (BZ#1868967)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for imgbased, redhat-release-virtualization-host, and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. \n\nSecurity Fix(es):\n\n* sudo: Heap buffer overflow in argument parsing (CVE-2021-3156)\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Previously, the Red Hat Virtualization Host (RHV-H) repository (rhvh-4-for-rhel-8-x86_64-rpms) did not include the libsmbclient package, which is a dependency for the sssd-ad package. Consequently, the sssd-ad package failed to install.\n\nWith this update, the libsmbclient is now in the RHV-H repository, and sssd-ad now installs on RHV-H. (BZ#1868967)", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0401", url: "https://access.redhat.com/errata/RHSA-2021:0401", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-002", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-002", }, { category: "external", summary: "1850939", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1850939", }, { category: "external", summary: "1868967", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1868967", }, { category: "external", summary: "1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "1902315", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1902315", }, { category: "external", summary: "1902646", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1902646", }, { category: "external", summary: "1909644", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1909644", }, { category: "external", summary: "1917684", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1917684", }, { category: "external", summary: "1921553", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1921553", }, { category: "external", summary: "1923126", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1923126", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0401.json", }, ], title: "Red Hat Security Advisory: Red Hat Virtualization Host security bug fix and enhancement update [ovirt-4.4.4]", tracking: { current_release_date: "2024-11-15T11:45:58+00:00", generator: { date: "2024-11-15T11:45:58+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0401", initial_release_date: "2021-02-03T16:14:40+00:00", revision_history: [ { date: "2021-02-03T16:14:40+00:00", number: "1", summary: "Initial version", }, { date: "2021-02-03T16:14:40+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T11:45:58+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Virtualization 4 Hypervisor for RHEL 8", product: { name: "Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4", product_identification_helper: { cpe: "cpe:/o:redhat:rhev_hypervisor:4.4::el8", }, }, }, { category: "product_name", name: "RHEL 8-based RHEV-H for RHEV 4 (build requirements)", product: { name: "RHEL 8-based RHEV-H for RHEV 4 (build requirements)", product_id: "8Base-RHV-HypervisorBuild-4", product_identification_helper: { cpe: "cpe:/o:redhat:rhev_hypervisor:4.4::el8", }, }, }, { category: "product_name", name: "Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product: { name: "Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4", product_identification_helper: { cpe: "cpe:/o:redhat:rhev_hypervisor:4.4::el8", }, }, }, ], category: "product_family", name: "Red Hat Virtualization", }, { branches: [ { category: "product_version", name: "libsmbclient-0:4.12.3-12.el8.3.x86_64", product: { name: "libsmbclient-0:4.12.3-12.el8.3.x86_64", product_id: "libsmbclient-0:4.12.3-12.el8.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsmbclient@4.12.3-12.el8.3?arch=x86_64", }, }, }, { category: "product_version", name: "samba-debugsource-0:4.12.3-12.el8.3.x86_64", product: { name: "samba-debugsource-0:4.12.3-12.el8.3.x86_64", product_id: "samba-debugsource-0:4.12.3-12.el8.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/samba-debugsource@4.12.3-12.el8.3?arch=x86_64", }, }, }, { category: "product_version", name: "libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", product: { name: "libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", product_id: "libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsmbclient-debuginfo@4.12.3-12.el8.3?arch=x86_64", }, }, }, { category: "product_version", name: "samba-debuginfo-0:4.12.3-12.el8.3.x86_64", product: { name: "samba-debuginfo-0:4.12.3-12.el8.3.x86_64", product_id: "samba-debuginfo-0:4.12.3-12.el8.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/samba-debuginfo@4.12.3-12.el8.3?arch=x86_64", }, }, }, { category: "product_version", name: "libipa_hbac-0:2.3.0-9.el8.x86_64", product: { name: "libipa_hbac-0:2.3.0-9.el8.x86_64", product_id: "libipa_hbac-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libipa_hbac@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_autofs-0:2.3.0-9.el8.x86_64", product: { name: "libsss_autofs-0:2.3.0-9.el8.x86_64", product_id: "libsss_autofs-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_autofs@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_certmap-0:2.3.0-9.el8.x86_64", product: { name: "libsss_certmap-0:2.3.0-9.el8.x86_64", product_id: "libsss_certmap-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_certmap@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_idmap-0:2.3.0-9.el8.x86_64", product: { name: "libsss_idmap-0:2.3.0-9.el8.x86_64", product_id: "libsss_idmap-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_idmap@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_nss_idmap-0:2.3.0-9.el8.x86_64", product: { name: "libsss_nss_idmap-0:2.3.0-9.el8.x86_64", product_id: "libsss_nss_idmap-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_nss_idmap@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", product: { name: "libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", product_id: "libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_nss_idmap-devel@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_simpleifp-0:2.3.0-9.el8.x86_64", product: { name: "libsss_simpleifp-0:2.3.0-9.el8.x86_64", product_id: "libsss_simpleifp-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_simpleifp@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_sudo-0:2.3.0-9.el8.x86_64", product: { name: "libsss_sudo-0:2.3.0-9.el8.x86_64", product_id: "libsss_sudo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_sudo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "python3-libipa_hbac-0:2.3.0-9.el8.x86_64", product: { name: "python3-libipa_hbac-0:2.3.0-9.el8.x86_64", product_id: "python3-libipa_hbac-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-libipa_hbac@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", product: { name: "python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", product_id: "python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-libsss_nss_idmap@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "python3-sss-0:2.3.0-9.el8.x86_64", product: { name: "python3-sss-0:2.3.0-9.el8.x86_64", product_id: "python3-sss-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-sss@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "python3-sss-murmur-0:2.3.0-9.el8.x86_64", product: { name: "python3-sss-murmur-0:2.3.0-9.el8.x86_64", product_id: "python3-sss-murmur-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-sss-murmur@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-0:2.3.0-9.el8.x86_64", product: { name: "sssd-0:2.3.0-9.el8.x86_64", product_id: "sssd-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-ad-0:2.3.0-9.el8.x86_64", product: { name: "sssd-ad-0:2.3.0-9.el8.x86_64", product_id: "sssd-ad-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-ad@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-client-0:2.3.0-9.el8.x86_64", product: { name: "sssd-client-0:2.3.0-9.el8.x86_64", product_id: "sssd-client-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-client@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-common-0:2.3.0-9.el8.x86_64", product: { name: "sssd-common-0:2.3.0-9.el8.x86_64", product_id: "sssd-common-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-common@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-common-pac-0:2.3.0-9.el8.x86_64", product: { name: "sssd-common-pac-0:2.3.0-9.el8.x86_64", product_id: "sssd-common-pac-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-common-pac@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-dbus-0:2.3.0-9.el8.x86_64", product: { name: "sssd-dbus-0:2.3.0-9.el8.x86_64", product_id: "sssd-dbus-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-dbus@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-ipa-0:2.3.0-9.el8.x86_64", product: { name: "sssd-ipa-0:2.3.0-9.el8.x86_64", product_id: "sssd-ipa-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-ipa@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-kcm-0:2.3.0-9.el8.x86_64", product: { name: "sssd-kcm-0:2.3.0-9.el8.x86_64", product_id: "sssd-kcm-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-kcm@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-krb5-0:2.3.0-9.el8.x86_64", product: { name: "sssd-krb5-0:2.3.0-9.el8.x86_64", product_id: "sssd-krb5-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-krb5@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-krb5-common-0:2.3.0-9.el8.x86_64", product: { name: "sssd-krb5-common-0:2.3.0-9.el8.x86_64", product_id: "sssd-krb5-common-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-krb5-common@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-ldap-0:2.3.0-9.el8.x86_64", product: { name: "sssd-ldap-0:2.3.0-9.el8.x86_64", product_id: "sssd-ldap-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-ldap@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-libwbclient-0:2.3.0-9.el8.x86_64", product: { name: "sssd-libwbclient-0:2.3.0-9.el8.x86_64", product_id: "sssd-libwbclient-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-libwbclient@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", product: { name: "sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", product_id: "sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-nfs-idmap@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-polkit-rules-0:2.3.0-9.el8.x86_64", product: { name: "sssd-polkit-rules-0:2.3.0-9.el8.x86_64", product_id: "sssd-polkit-rules-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-polkit-rules@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-proxy-0:2.3.0-9.el8.x86_64", product: { name: "sssd-proxy-0:2.3.0-9.el8.x86_64", product_id: "sssd-proxy-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-proxy@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-tools-0:2.3.0-9.el8.x86_64", product: { name: "sssd-tools-0:2.3.0-9.el8.x86_64", product_id: "sssd-tools-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-tools@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", product: { name: "sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", product_id: "sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-winbind-idmap@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-debugsource-0:2.3.0-9.el8.x86_64", product: { name: "sssd-debugsource-0:2.3.0-9.el8.x86_64", product_id: "sssd-debugsource-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-debugsource@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libipa_hbac-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_autofs-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_certmap-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_idmap-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_nss_idmap-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_simpleifp-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_sudo-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-libipa_hbac-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-libsss_nss_idmap-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-sss-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-sss-murmur-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-ad-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-client-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-common-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-common-pac-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-dbus-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-ipa-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-kcm-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-krb5-common-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-krb5-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-ldap-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-libwbclient-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-nfs-idmap-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-proxy-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-tools-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-winbind-idmap-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", product: { name: "redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", product_id: "redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/redhat-release-virtualization-host@4.4.4-1.el8ev?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "samba-0:4.12.3-12.el8.3.src", product: { name: "samba-0:4.12.3-12.el8.3.src", product_id: "samba-0:4.12.3-12.el8.3.src", product_identification_helper: { purl: "pkg:rpm/redhat/samba@4.12.3-12.el8.3?arch=src", }, }, }, { category: "product_version", name: "sssd-0:2.3.0-9.el8.src", product: { name: "sssd-0:2.3.0-9.el8.src", product_id: "sssd-0:2.3.0-9.el8.src", product_identification_helper: { purl: "pkg:rpm/redhat/sssd@2.3.0-9.el8?arch=src", }, }, }, { category: "product_version", name: "redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", product: { name: "redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", product_id: "redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/redhat-release-virtualization-host@4.4.4-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "cockpit-ovirt-0:0.14.17-1.el8ev.src", product: { name: "cockpit-ovirt-0:0.14.17-1.el8ev.src", product_id: "cockpit-ovirt-0:0.14.17-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/cockpit-ovirt@0.14.17-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "imgbased-0:1.2.16-0.1.el8ev.src", product: { name: "imgbased-0:1.2.16-0.1.el8ev.src", product_id: "imgbased-0:1.2.16-0.1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/imgbased@1.2.16-0.1.el8ev?arch=src", }, }, }, { category: "product_version", name: "redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", product: { name: "redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", product_id: "redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", product_identification_helper: { purl: "pkg:rpm/redhat/redhat-virtualization-host@4.4.4-20210201.0.el8_3?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "python3-sssdconfig-0:2.3.0-9.el8.noarch", product: { name: "python3-sssdconfig-0:2.3.0-9.el8.noarch", product_id: "python3-sssdconfig-0:2.3.0-9.el8.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3-sssdconfig@2.3.0-9.el8?arch=noarch", }, }, }, { category: "product_version", name: "redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", product: { name: "redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", product_id: "redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/redhat-virtualization-host-image-update-placeholder@4.4.4-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", product: { name: "cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", product_id: "cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/cockpit-ovirt-dashboard@0.14.17-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "imgbased-0:1.2.16-0.1.el8ev.noarch", product: { name: "imgbased-0:1.2.16-0.1.el8ev.noarch", product_id: "imgbased-0:1.2.16-0.1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/imgbased@1.2.16-0.1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "python3-imgbased-0:1.2.16-0.1.el8ev.noarch", product: { name: "python3-imgbased-0:1.2.16-0.1.el8ev.noarch", product_id: "python3-imgbased-0:1.2.16-0.1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3-imgbased@1.2.16-0.1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", product: { name: "redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", product_id: "redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/redhat-virtualization-host-image-update@4.4.4-20210201.0.el8_3?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "cockpit-ovirt-0:0.14.17-1.el8ev.src as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", }, product_reference: "cockpit-ovirt-0:0.14.17-1.el8ev.src", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", }, product_reference: "cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "libipa_hbac-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", }, product_reference: "libipa_hbac-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsmbclient-0:4.12.3-12.el8.3.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", }, product_reference: "libsmbclient-0:4.12.3-12.el8.3.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", }, product_reference: "libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_autofs-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_autofs-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_certmap-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_certmap-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_idmap-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_idmap-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_nss_idmap-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_nss_idmap-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_simpleifp-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_simpleifp-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_sudo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_sudo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "python3-libipa_hbac-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", }, product_reference: "python3-libipa_hbac-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", }, product_reference: "python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "python3-sss-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", }, product_reference: "python3-sss-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "python3-sss-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "python3-sss-murmur-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", }, product_reference: "python3-sss-murmur-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "python3-sssdconfig-0:2.3.0-9.el8.noarch as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", }, product_reference: "python3-sssdconfig-0:2.3.0-9.el8.noarch", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", }, product_reference: "redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", }, product_reference: "redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "samba-0:4.12.3-12.el8.3.src as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", }, product_reference: "samba-0:4.12.3-12.el8.3.src", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "samba-debuginfo-0:4.12.3-12.el8.3.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", }, product_reference: "samba-debuginfo-0:4.12.3-12.el8.3.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "samba-debugsource-0:4.12.3-12.el8.3.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", }, product_reference: "samba-debugsource-0:4.12.3-12.el8.3.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-0:2.3.0-9.el8.src as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", }, product_reference: "sssd-0:2.3.0-9.el8.src", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-ad-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-ad-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-client-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-client-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-client-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-common-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-common-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-common-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-common-pac-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-common-pac-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-dbus-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-dbus-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-debugsource-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-debugsource-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-ipa-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-ipa-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-kcm-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-kcm-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-krb5-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-krb5-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-krb5-common-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-krb5-common-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-ldap-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-ldap-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-libwbclient-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-libwbclient-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-nfs-idmap-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-polkit-rules-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-polkit-rules-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-proxy-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-proxy-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-tools-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-tools-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-winbind-idmap-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "imgbased-0:1.2.16-0.1.el8ev.noarch as a component of RHEL 8-based RHEV-H for RHEV 4 (build requirements)", product_id: "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", }, product_reference: "imgbased-0:1.2.16-0.1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-HypervisorBuild-4", }, { category: "default_component_of", full_product_name: { name: "imgbased-0:1.2.16-0.1.el8ev.src as a component of RHEL 8-based RHEV-H for RHEV 4 (build requirements)", product_id: "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", }, product_reference: "imgbased-0:1.2.16-0.1.el8ev.src", relates_to_product_reference: "8Base-RHV-HypervisorBuild-4", }, { category: "default_component_of", full_product_name: { name: "python3-imgbased-0:1.2.16-0.1.el8ev.noarch as a component of RHEL 8-based RHEV-H for RHEV 4 (build requirements)", product_id: "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", }, product_reference: "python3-imgbased-0:1.2.16-0.1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-HypervisorBuild-4", }, { category: "default_component_of", full_product_name: { name: "redhat-release-virtualization-host-0:4.4.4-1.el8ev.src as a component of RHEL 8-based RHEV-H for RHEV 4 (build requirements)", product_id: "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", }, product_reference: "redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", relates_to_product_reference: "8Base-RHV-HypervisorBuild-4", }, { category: "default_component_of", full_product_name: { name: "redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64 as a component of RHEL 8-based RHEV-H for RHEV 4 (build requirements)", product_id: "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", }, product_reference: "redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-HypervisorBuild-4", }, { category: "default_component_of", full_product_name: { name: "redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch as a component of RHEL 8-based RHEV-H for RHEV 4 (build requirements)", product_id: "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", }, product_reference: "redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-HypervisorBuild-4", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25684", cwe: { id: "CWE-358", name: "Improperly Implemented Security Check for Standard", }, discovery_date: "2020-09-03T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889686", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], known_not_affected: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "RHBZ#1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25684", url: "https://www.cve.org/CVERecord?id=CVE-2020-25684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-03T16:14:40+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891\n\nAfter installing this update, the smb service will be restarted automatically.", product_ids: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0401", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default).\n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25685", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, discovery_date: "2020-09-03T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889688", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], known_not_affected: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "RHBZ#1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25685", url: "https://www.cve.org/CVERecord?id=CVE-2020-25685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-03T16:14:40+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891\n\nAfter installing this update, the smb service will be restarted automatically.", product_ids: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0401", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25686", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, discovery_date: "2020-09-03T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1890125", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], known_not_affected: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "RHBZ#1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25686", url: "https://www.cve.org/CVERecord?id=CVE-2020-25686", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-03T16:14:40+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891\n\nAfter installing this update, the smb service will be restarted automatically.", product_ids: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0401", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", }, { cve: "CVE-2021-3156", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2021-01-19T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1917684", }, ], notes: [ { category: "description", text: "A flaw was found in sudo. A heap-based buffer overflow was found in the way sudo parses command line arguments. This flaw is exploitable by any local user who can execute the sudo command (by default, any local user can execute sudo) without authentication. Successful exploitation of this flaw could lead to privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "sudo: Heap buffer overflow in argument parsing", title: "Vulnerability summary", }, { category: "other", text: "This flaw does not affect the versions of sudo shipped with Red Hat Enterprise Linux 5, because the vulnerable code was not present in these versions.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], known_not_affected: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-3156", }, { category: "external", summary: "RHBZ#1917684", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1917684", }, { category: "external", summary: "RHSB-2021-002", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-002", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-3156", url: "https://www.cve.org/CVERecord?id=CVE-2021-3156", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-3156", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-3156", }, { category: "external", summary: "https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt", url: "https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt", }, { category: "external", summary: "https://www.sudo.ws/alerts/unescape_overflow.html", url: "https://www.sudo.ws/alerts/unescape_overflow.html", }, { category: "external", summary: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, ], release_date: "2021-01-26T18:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-03T16:14:40+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891\n\nAfter installing this update, the smb service will be restarted automatically.", product_ids: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0401", }, { category: "workaround", details: "Red Hat Product Security strongly recommends customers to update to fixed sudo packages once they are available. For customers who cannot update immediately, the following interim partial mitigation using systemtap is suggested:\n\n1. Install required systemtap packages and dependencies: \n```\nsystemtap yum-utils kernel-devel-\"$(uname -r)\"\n```\n\nThen for RHEL 7 install kernel debuginfo, using:\n```\ndebuginfo-install -y kernel-\"$(uname -r)\" \n```\nThen for RHEL 8 & 6 install sudo debuginfo, using:\n```\ndebuginfo-install sudo\n```\n \n2. Create the following systemtap script: (call the file as sudoedit-block.stap)\n```\nprobe process(\"/usr/bin/sudo\").function(\"main\") {\n command = cmdline_args(0,0,\"\");\n if (isinstr(command, \"edit\")) {\n raise(9);\n }\n}\n```\n3. Install the script using the following command: (using root)\n```\n# nohup stap -g sudoedit-block.stap &\n```\n(This should output the PID number of the systemtap script)\n\nThis script will cause the vulnerable sudoedit binary to stop working. The sudo command will still work as usual.\nThe above change does not persist across reboots and must be applied after each reboot.\n\nPlease consult How to make a systemtap kernel module load persistently across reboots? (https://access.redhat.com/solutions/5752521) to learn how to\nturn this into a service managed by initd. \n\n4. Once the new fixed packages are installed, the systemtap script can be removed by killing the systemtap process. For example, by using:\n```\n# kill -s SIGTERM 7590\n```\n(where 7590 is the PID of the systemtap process)", product_ids: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], }, ], threats: [ { category: "exploit_status", date: "2022-04-06T00:00:00+00:00", details: "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { category: "impact", details: "Important", }, ], title: "sudo: Heap buffer overflow in argument parsing", }, ], }
rhsa-2021:0151
Vulnerability from csaf_redhat
Published
2021-01-19 13:37
Modified
2024-11-22 16:15
Summary
Red Hat Security Advisory: dnsmasq security update
Notes
Topic
An update for dnsmasq is now available for Red Hat Enterprise Linux 8.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.
Security Fix(es):
* dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled (CVE-2020-25681)
* dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled (CVE-2020-25682)
* dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled (CVE-2020-25683)
* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
* dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled (CVE-2020-25687)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for dnsmasq is now available for Red Hat Enterprise Linux 8.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.\n\nSecurity Fix(es):\n\n* dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled (CVE-2020-25681)\n\n* dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled (CVE-2020-25682)\n\n* dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled (CVE-2020-25683)\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\n* dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled (CVE-2020-25687)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0151", url: "https://access.redhat.com/errata/RHSA-2021:0151", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "1881875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1881875", }, { category: "external", summary: "1882014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882014", }, { category: "external", summary: "1882018", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882018", }, { category: "external", summary: "1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "1891568", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891568", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0151.json", }, ], title: "Red Hat Security Advisory: dnsmasq security update", tracking: { current_release_date: "2024-11-22T16:15:03+00:00", generator: { date: "2024-11-22T16:15:03+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0151", initial_release_date: "2021-01-19T13:37:11+00:00", revision_history: [ { date: "2021-01-19T13:37:11+00:00", number: "1", summary: "Initial version", }, { date: "2021-01-19T13:37:11+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T16:15:03+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product: { name: "Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_eus:8.2::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-11.el8_2.2.src", product: { name: "dnsmasq-0:2.79-11.el8_2.2.src", product_id: "dnsmasq-0:2.79-11.el8_2.2.src", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-11.el8_2.2?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-11.el8_2.2.aarch64", product: { name: "dnsmasq-0:2.79-11.el8_2.2.aarch64", product_id: "dnsmasq-0:2.79-11.el8_2.2.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-11.el8_2.2?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", product: { name: "dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", product_id: "dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-11.el8_2.2?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", product: { name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", product_id: "dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-11.el8_2.2?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", product: { name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", product_id: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-11.el8_2.2?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", product: { name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", product_id: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-11.el8_2.2?arch=aarch64", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-11.el8_2.2.ppc64le", product: { name: "dnsmasq-0:2.79-11.el8_2.2.ppc64le", product_id: "dnsmasq-0:2.79-11.el8_2.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-11.el8_2.2?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", product: { name: "dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", product_id: "dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-11.el8_2.2?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", product: { name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", product_id: "dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-11.el8_2.2?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", product: { name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", product_id: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-11.el8_2.2?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", product: { name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", product_id: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-11.el8_2.2?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-11.el8_2.2.x86_64", product: { name: "dnsmasq-0:2.79-11.el8_2.2.x86_64", product_id: "dnsmasq-0:2.79-11.el8_2.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-11.el8_2.2?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", product: { name: "dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", product_id: "dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-11.el8_2.2?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", product: { name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", product_id: "dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-11.el8_2.2?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", product: { name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", product_id: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-11.el8_2.2?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", product: { name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", product_id: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-11.el8_2.2?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-11.el8_2.2.s390x", product: { name: "dnsmasq-0:2.79-11.el8_2.2.s390x", product_id: "dnsmasq-0:2.79-11.el8_2.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-11.el8_2.2?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-11.el8_2.2.s390x", product: { name: "dnsmasq-utils-0:2.79-11.el8_2.2.s390x", product_id: "dnsmasq-utils-0:2.79-11.el8_2.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-11.el8_2.2?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", product: { name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", product_id: "dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-11.el8_2.2?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", product: { name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", product_id: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-11.el8_2.2?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", product: { name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", product_id: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-11.el8_2.2?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-11.el8_2.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", }, product_reference: "dnsmasq-0:2.79-11.el8_2.2.aarch64", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-11.el8_2.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", }, product_reference: "dnsmasq-0:2.79-11.el8_2.2.ppc64le", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-11.el8_2.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", }, product_reference: "dnsmasq-0:2.79-11.el8_2.2.s390x", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-11.el8_2.2.src as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", }, product_reference: "dnsmasq-0:2.79-11.el8_2.2.src", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-11.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", }, product_reference: "dnsmasq-0:2.79-11.el8_2.2.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", }, product_reference: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", }, product_reference: "dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", }, product_reference: "dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", }, product_reference: "dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", }, product_reference: "dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-11.el8_2.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", }, product_reference: "dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", }, product_reference: "dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-11.el8_2.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", }, product_reference: "dnsmasq-utils-0:2.79-11.el8_2.2.s390x", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-11.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", }, product_reference: "dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.EUS", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25681", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1881875", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to cause a buffer overflow with arbitrary data in a heap memory segment, possibly executing code on the machine. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25681", }, { category: "external", summary: "RHBZ#1881875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1881875", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25681", url: "https://www.cve.org/CVERecord?id=CVE-2020-25681", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25681", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25681", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:37:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0151", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25682", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1882014", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A buffer overflow vulnerability was discovered in the way dnsmasq extract names from DNS packets before validating them with DNSSEC data. An attacker on the network, who can create valid DNS replies, could use this flaw to cause an overflow with arbitrary data in a heap-allocated memory, possibly executing code on the machine. The flaw is in the rfc1035.c:extract_name() function, which writes data to the memory pointed by name assuming MAXDNAME*2 bytes are available in the buffer. However, in some code execution paths, it is possible extract_name() gets passed an offset from the base buffer, thus reducing, in practice, the number of available bytes that can be written in the buffer. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25682", }, { category: "external", summary: "RHBZ#1882014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882014", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25682", url: "https://www.cve.org/CVERecord?id=CVE-2020-25682", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25682", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25682", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:37:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0151", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25683", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1882018", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in get_rdata() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25683", }, { category: "external", summary: "RHBZ#1882018", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882018", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25683", url: "https://www.cve.org/CVERecord?id=CVE-2020-25683", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25683", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25683", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:37:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0151", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25684", cwe: { id: "CWE-358", name: "Improperly Implemented Security Check for Standard", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889686", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "RHBZ#1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25684", url: "https://www.cve.org/CVERecord?id=CVE-2020-25684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:37:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0151", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default).\n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25685", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889688", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "RHBZ#1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25685", url: "https://www.cve.org/CVERecord?id=CVE-2020-25685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:37:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0151", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25686", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1890125", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "RHBZ#1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25686", url: "https://www.cve.org/CVERecord?id=CVE-2020-25686", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:37:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0151", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25687", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1891568", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. This flaw allows a remote attacker, who can create valid DNS replies, to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in sort_rrset() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25687", }, { category: "external", summary: "RHBZ#1891568", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891568", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25687", url: "https://www.cve.org/CVERecord?id=CVE-2020-25687", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25687", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25687", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:37:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0151", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.src", "AppStream-8.2.0.Z.EUS:dnsmasq-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debuginfo-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-debugsource-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-0:2.79-11.el8_2.2.x86_64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.aarch64", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.ppc64le", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.s390x", "AppStream-8.2.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-11.el8_2.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled", }, ], }
rhsa-2021:0245
Vulnerability from csaf_redhat
Published
2021-01-25 15:13
Modified
2024-11-15 07:28
Summary
Red Hat Security Advisory: dnsmasq security update
Notes
Topic
An update for dnsmasq is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.
Security Fix(es):
* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for dnsmasq is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.\n\nSecurity Fix(es):\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0245", url: "https://access.redhat.com/errata/RHSA-2021:0245", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0245.json", }, ], title: "Red Hat Security Advisory: dnsmasq security update", tracking: { current_release_date: "2024-11-15T07:28:57+00:00", generator: { date: "2024-11-15T07:28:57+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0245", initial_release_date: "2021-01-25T15:13:22+00:00", revision_history: [ { date: "2021-01-25T15:13:22+00:00", number: "1", summary: "Initial version", }, { date: "2021-01-25T15:13:22+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T07:28:57+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Server AUS (v. 7.3)", product: { name: "Red Hat Enterprise Linux Server AUS (v. 7.3)", product_id: "7Server-7.3.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_aus:7.3::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional AUS (v. 7.3)", product: { name: "Red Hat Enterprise Linux Server Optional AUS (v. 7.3)", product_id: "7Server-optional-7.3.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_aus:7.3::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.66-21.el7_3.3.src", product: { name: "dnsmasq-0:2.66-21.el7_3.3.src", product_id: "dnsmasq-0:2.66-21.el7_3.3.src", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.66-21.el7_3.3?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.66-21.el7_3.3.x86_64", product: { name: "dnsmasq-0:2.66-21.el7_3.3.x86_64", product_id: "dnsmasq-0:2.66-21.el7_3.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.66-21.el7_3.3?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", product: { name: "dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", product_id: "dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.66-21.el7_3.3?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", product: { name: "dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", product_id: "dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.66-21.el7_3.3?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.66-21.el7_3.3.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)", product_id: "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", }, product_reference: "dnsmasq-0:2.66-21.el7_3.3.src", relates_to_product_reference: "7Server-7.3.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.66-21.el7_3.3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)", product_id: "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", }, product_reference: "dnsmasq-0:2.66-21.el7_3.3.x86_64", relates_to_product_reference: "7Server-7.3.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)", product_id: "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", relates_to_product_reference: "7Server-7.3.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.66-21.el7_3.3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)", product_id: "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", }, product_reference: "dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", relates_to_product_reference: "7Server-7.3.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.66-21.el7_3.3.src as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)", product_id: "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", }, product_reference: "dnsmasq-0:2.66-21.el7_3.3.src", relates_to_product_reference: "7Server-optional-7.3.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.66-21.el7_3.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)", product_id: "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", }, product_reference: "dnsmasq-0:2.66-21.el7_3.3.x86_64", relates_to_product_reference: "7Server-optional-7.3.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)", product_id: "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", relates_to_product_reference: "7Server-optional-7.3.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.66-21.el7_3.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)", product_id: "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", }, product_reference: "dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", relates_to_product_reference: "7Server-optional-7.3.AUS", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25684", cwe: { id: "CWE-358", name: "Improperly Implemented Security Check for Standard", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889686", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "RHBZ#1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25684", url: "https://www.cve.org/CVERecord?id=CVE-2020-25684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-25T15:13:22+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0245", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default).\n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25685", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889688", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "RHBZ#1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25685", url: "https://www.cve.org/CVERecord?id=CVE-2020-25685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-25T15:13:22+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0245", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25686", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1890125", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "RHBZ#1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25686", url: "https://www.cve.org/CVERecord?id=CVE-2020-25686", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-25T15:13:22+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0245", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", }, ], }
rhsa-2021_0152
Vulnerability from csaf_redhat
Published
2021-01-19 13:11
Modified
2024-11-22 16:15
Summary
Red Hat Security Advisory: dnsmasq security update
Notes
Topic
An update for dnsmasq is now available for Red Hat Enterprise Linux 8.1 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.
Security Fix(es):
* dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled (CVE-2020-25681)
* dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled (CVE-2020-25682)
* dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled (CVE-2020-25683)
* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
* dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled (CVE-2020-25687)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for dnsmasq is now available for Red Hat Enterprise Linux 8.1 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.\n\nSecurity Fix(es):\n\n* dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled (CVE-2020-25681)\n\n* dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled (CVE-2020-25682)\n\n* dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled (CVE-2020-25683)\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\n* dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled (CVE-2020-25687)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0152", url: "https://access.redhat.com/errata/RHSA-2021:0152", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "1881875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1881875", }, { category: "external", summary: "1882014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882014", }, { category: "external", summary: "1882018", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882018", }, { category: "external", summary: "1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "1891568", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891568", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0152.json", }, ], title: "Red Hat Security Advisory: dnsmasq security update", tracking: { current_release_date: "2024-11-22T16:15:10+00:00", generator: { date: "2024-11-22T16:15:10+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0152", initial_release_date: "2021-01-19T13:11:33+00:00", revision_history: [ { date: "2021-01-19T13:11:33+00:00", number: "1", summary: "Initial version", }, { date: "2021-01-19T13:11:33+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T16:15:10+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product: { name: "Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_eus:8.1::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-6.el8_1.1.src", product: { name: "dnsmasq-0:2.79-6.el8_1.1.src", product_id: "dnsmasq-0:2.79-6.el8_1.1.src", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-6.el8_1.1?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-6.el8_1.1.aarch64", product: { name: "dnsmasq-0:2.79-6.el8_1.1.aarch64", product_id: "dnsmasq-0:2.79-6.el8_1.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-6.el8_1.1?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", product: { name: "dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", product_id: "dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-6.el8_1.1?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", product: { name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", product_id: "dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-6.el8_1.1?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", product: { name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", product_id: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-6.el8_1.1?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", product: { name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", product_id: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-6.el8_1.1?arch=aarch64", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-6.el8_1.1.ppc64le", product: { name: "dnsmasq-0:2.79-6.el8_1.1.ppc64le", product_id: "dnsmasq-0:2.79-6.el8_1.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-6.el8_1.1?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", product: { name: "dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", product_id: "dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-6.el8_1.1?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", product: { name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", product_id: "dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-6.el8_1.1?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", product: { name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", product_id: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-6.el8_1.1?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", product: { name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", product_id: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-6.el8_1.1?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-6.el8_1.1.x86_64", product: { name: "dnsmasq-0:2.79-6.el8_1.1.x86_64", product_id: "dnsmasq-0:2.79-6.el8_1.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-6.el8_1.1?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", product: { name: "dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", product_id: "dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-6.el8_1.1?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", product: { name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", product_id: "dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-6.el8_1.1?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", product: { name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", product_id: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-6.el8_1.1?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", product: { name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", product_id: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-6.el8_1.1?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-6.el8_1.1.s390x", product: { name: "dnsmasq-0:2.79-6.el8_1.1.s390x", product_id: "dnsmasq-0:2.79-6.el8_1.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-6.el8_1.1?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-6.el8_1.1.s390x", product: { name: "dnsmasq-utils-0:2.79-6.el8_1.1.s390x", product_id: "dnsmasq-utils-0:2.79-6.el8_1.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-6.el8_1.1?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", product: { name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", product_id: "dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-6.el8_1.1?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", product: { name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", product_id: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-6.el8_1.1?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", product: { name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", product_id: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-6.el8_1.1?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-6.el8_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", }, product_reference: "dnsmasq-0:2.79-6.el8_1.1.aarch64", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-6.el8_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", }, product_reference: "dnsmasq-0:2.79-6.el8_1.1.ppc64le", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-6.el8_1.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", }, product_reference: "dnsmasq-0:2.79-6.el8_1.1.s390x", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-6.el8_1.1.src as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", }, product_reference: "dnsmasq-0:2.79-6.el8_1.1.src", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-6.el8_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", }, product_reference: "dnsmasq-0:2.79-6.el8_1.1.x86_64", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", }, product_reference: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", }, product_reference: "dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", }, product_reference: "dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", }, product_reference: "dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", }, product_reference: "dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-6.el8_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", }, product_reference: "dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", }, product_reference: "dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-6.el8_1.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", }, product_reference: "dnsmasq-utils-0:2.79-6.el8_1.1.s390x", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-6.el8_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", }, product_reference: "dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25681", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1881875", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to cause a buffer overflow with arbitrary data in a heap memory segment, possibly executing code on the machine. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25681", }, { category: "external", summary: "RHBZ#1881875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1881875", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25681", url: "https://www.cve.org/CVERecord?id=CVE-2020-25681", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25681", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25681", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:11:33+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0152", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25682", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1882014", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A buffer overflow vulnerability was discovered in the way dnsmasq extract names from DNS packets before validating them with DNSSEC data. An attacker on the network, who can create valid DNS replies, could use this flaw to cause an overflow with arbitrary data in a heap-allocated memory, possibly executing code on the machine. The flaw is in the rfc1035.c:extract_name() function, which writes data to the memory pointed by name assuming MAXDNAME*2 bytes are available in the buffer. However, in some code execution paths, it is possible extract_name() gets passed an offset from the base buffer, thus reducing, in practice, the number of available bytes that can be written in the buffer. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25682", }, { category: "external", summary: "RHBZ#1882014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882014", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25682", url: "https://www.cve.org/CVERecord?id=CVE-2020-25682", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25682", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25682", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:11:33+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0152", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25683", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1882018", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in get_rdata() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25683", }, { category: "external", summary: "RHBZ#1882018", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882018", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25683", url: "https://www.cve.org/CVERecord?id=CVE-2020-25683", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25683", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25683", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:11:33+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0152", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25684", cwe: { id: "CWE-358", name: "Improperly Implemented Security Check for Standard", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889686", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "RHBZ#1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25684", url: "https://www.cve.org/CVERecord?id=CVE-2020-25684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:11:33+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0152", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default).\n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25685", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889688", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "RHBZ#1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25685", url: "https://www.cve.org/CVERecord?id=CVE-2020-25685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:11:33+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0152", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25686", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1890125", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "RHBZ#1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25686", url: "https://www.cve.org/CVERecord?id=CVE-2020-25686", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:11:33+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0152", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25687", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1891568", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. This flaw allows a remote attacker, who can create valid DNS replies, to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in sort_rrset() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25687", }, { category: "external", summary: "RHBZ#1891568", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891568", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25687", url: "https://www.cve.org/CVERecord?id=CVE-2020-25687", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25687", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25687", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:11:33+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0152", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled", }, ], }
rhsa-2021_0240
Vulnerability from csaf_redhat
Published
2021-01-25 14:29
Modified
2024-11-15 07:29
Summary
Red Hat Security Advisory: dnsmasq security update
Notes
Topic
An update for dnsmasq is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.
Security Fix(es):
* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for dnsmasq is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.\n\nSecurity Fix(es):\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0240", url: "https://access.redhat.com/errata/RHSA-2021:0240", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0240.json", }, ], title: "Red Hat Security Advisory: dnsmasq security update", tracking: { current_release_date: "2024-11-15T07:29:04+00:00", generator: { date: "2024-11-15T07:29:04+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0240", initial_release_date: "2021-01-25T14:29:59+00:00", revision_history: [ { date: "2021-01-25T14:29:59+00:00", number: "1", summary: "Initial version", }, { date: "2021-01-25T14:29:59+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T07:29:04+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Server AUS (v. 7.2)", product: { name: "Red Hat Enterprise Linux Server AUS (v. 7.2)", product_id: "7Server-7.2.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_aus:7.2::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional AUS (v. 7.2)", product: { name: "Red Hat Enterprise Linux Server Optional AUS (v. 7.2)", product_id: "7Server-optional-7.2.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_aus:7.2::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.66-14.el7_2.3.src", product: { name: "dnsmasq-0:2.66-14.el7_2.3.src", product_id: "dnsmasq-0:2.66-14.el7_2.3.src", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.66-14.el7_2.3?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.66-14.el7_2.3.x86_64", product: { name: "dnsmasq-0:2.66-14.el7_2.3.x86_64", product_id: "dnsmasq-0:2.66-14.el7_2.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.66-14.el7_2.3?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", product: { name: "dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", product_id: "dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.66-14.el7_2.3?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", product: { name: "dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", product_id: "dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.66-14.el7_2.3?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.66-14.el7_2.3.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)", product_id: "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", }, product_reference: "dnsmasq-0:2.66-14.el7_2.3.src", relates_to_product_reference: "7Server-7.2.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.66-14.el7_2.3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)", product_id: "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", }, product_reference: "dnsmasq-0:2.66-14.el7_2.3.x86_64", relates_to_product_reference: "7Server-7.2.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)", product_id: "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", relates_to_product_reference: "7Server-7.2.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.66-14.el7_2.3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)", product_id: "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", }, product_reference: "dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", relates_to_product_reference: "7Server-7.2.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.66-14.el7_2.3.src as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.2)", product_id: "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", }, product_reference: "dnsmasq-0:2.66-14.el7_2.3.src", relates_to_product_reference: "7Server-optional-7.2.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.66-14.el7_2.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.2)", product_id: "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", }, product_reference: "dnsmasq-0:2.66-14.el7_2.3.x86_64", relates_to_product_reference: "7Server-optional-7.2.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.2)", product_id: "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", relates_to_product_reference: "7Server-optional-7.2.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.66-14.el7_2.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.2)", product_id: "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", }, product_reference: "dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", relates_to_product_reference: "7Server-optional-7.2.AUS", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25684", cwe: { id: "CWE-358", name: "Improperly Implemented Security Check for Standard", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889686", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "RHBZ#1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25684", url: "https://www.cve.org/CVERecord?id=CVE-2020-25684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-25T14:29:59+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0240", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default).\n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25685", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889688", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "RHBZ#1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25685", url: "https://www.cve.org/CVERecord?id=CVE-2020-25685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-25T14:29:59+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0240", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25686", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1890125", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "RHBZ#1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25686", url: "https://www.cve.org/CVERecord?id=CVE-2020-25686", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-25T14:29:59+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0240", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.src", "7Server-optional-7.2.AUS:dnsmasq-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-debuginfo-0:2.66-14.el7_2.3.x86_64", "7Server-optional-7.2.AUS:dnsmasq-utils-0:2.66-14.el7_2.3.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", }, ], }
rhsa-2021_0245
Vulnerability from csaf_redhat
Published
2021-01-25 15:13
Modified
2024-11-15 07:28
Summary
Red Hat Security Advisory: dnsmasq security update
Notes
Topic
An update for dnsmasq is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.
Security Fix(es):
* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for dnsmasq is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.\n\nSecurity Fix(es):\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0245", url: "https://access.redhat.com/errata/RHSA-2021:0245", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0245.json", }, ], title: "Red Hat Security Advisory: dnsmasq security update", tracking: { current_release_date: "2024-11-15T07:28:57+00:00", generator: { date: "2024-11-15T07:28:57+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0245", initial_release_date: "2021-01-25T15:13:22+00:00", revision_history: [ { date: "2021-01-25T15:13:22+00:00", number: "1", summary: "Initial version", }, { date: "2021-01-25T15:13:22+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T07:28:57+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Server AUS (v. 7.3)", product: { name: "Red Hat Enterprise Linux Server AUS (v. 7.3)", product_id: "7Server-7.3.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_aus:7.3::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional AUS (v. 7.3)", product: { name: "Red Hat Enterprise Linux Server Optional AUS (v. 7.3)", product_id: "7Server-optional-7.3.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_aus:7.3::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.66-21.el7_3.3.src", product: { name: "dnsmasq-0:2.66-21.el7_3.3.src", product_id: "dnsmasq-0:2.66-21.el7_3.3.src", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.66-21.el7_3.3?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.66-21.el7_3.3.x86_64", product: { name: "dnsmasq-0:2.66-21.el7_3.3.x86_64", product_id: "dnsmasq-0:2.66-21.el7_3.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.66-21.el7_3.3?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", product: { name: "dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", product_id: "dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.66-21.el7_3.3?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", product: { name: "dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", product_id: "dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.66-21.el7_3.3?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.66-21.el7_3.3.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)", product_id: "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", }, product_reference: "dnsmasq-0:2.66-21.el7_3.3.src", relates_to_product_reference: "7Server-7.3.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.66-21.el7_3.3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)", product_id: "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", }, product_reference: "dnsmasq-0:2.66-21.el7_3.3.x86_64", relates_to_product_reference: "7Server-7.3.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)", product_id: "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", relates_to_product_reference: "7Server-7.3.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.66-21.el7_3.3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)", product_id: "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", }, product_reference: "dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", relates_to_product_reference: "7Server-7.3.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.66-21.el7_3.3.src as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)", product_id: "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", }, product_reference: "dnsmasq-0:2.66-21.el7_3.3.src", relates_to_product_reference: "7Server-optional-7.3.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.66-21.el7_3.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)", product_id: "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", }, product_reference: "dnsmasq-0:2.66-21.el7_3.3.x86_64", relates_to_product_reference: "7Server-optional-7.3.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)", product_id: "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", relates_to_product_reference: "7Server-optional-7.3.AUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.66-21.el7_3.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)", product_id: "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", }, product_reference: "dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", relates_to_product_reference: "7Server-optional-7.3.AUS", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25684", cwe: { id: "CWE-358", name: "Improperly Implemented Security Check for Standard", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889686", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "RHBZ#1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25684", url: "https://www.cve.org/CVERecord?id=CVE-2020-25684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-25T15:13:22+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0245", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default).\n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25685", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889688", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "RHBZ#1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25685", url: "https://www.cve.org/CVERecord?id=CVE-2020-25685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-25T15:13:22+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0245", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25686", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1890125", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "RHBZ#1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25686", url: "https://www.cve.org/CVERecord?id=CVE-2020-25686", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-25T15:13:22+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0245", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.src", "7Server-optional-7.3.AUS:dnsmasq-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-debuginfo-0:2.66-21.el7_3.3.x86_64", "7Server-optional-7.3.AUS:dnsmasq-utils-0:2.66-21.el7_3.3.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", }, ], }
rhsa-2021_0155
Vulnerability from csaf_redhat
Published
2021-01-19 17:41
Modified
2024-11-15 07:28
Summary
Red Hat Security Advisory: dnsmasq security update
Notes
Topic
An update for dnsmasq is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.
Security Fix(es):
* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for dnsmasq is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.\n\nSecurity Fix(es):\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0155", url: "https://access.redhat.com/errata/RHSA-2021:0155", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0155.json", }, ], title: "Red Hat Security Advisory: dnsmasq security update", tracking: { current_release_date: "2024-11-15T07:28:04+00:00", generator: { date: "2024-11-15T07:28:04+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0155", initial_release_date: "2021-01-19T17:41:47+00:00", revision_history: [ { date: "2021-01-19T17:41:47+00:00", number: "1", summary: "Initial version", }, { date: "2021-01-19T17:41:47+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T07:28:04+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product: { name: "Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product: { name: "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server EUS (v. 7.6)", product: { name: "Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product: { name: "Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product: { name: "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product: { name: "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", product: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", product_id: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-7.el7_6.2?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", product: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", product_id: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-7.el7_6.2?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-0:2.76-7.el7_6.2.x86_64", product: { name: "dnsmasq-0:2.76-7.el7_6.2.x86_64", product_id: "dnsmasq-0:2.76-7.el7_6.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-7.el7_6.2?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", product: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", product_id: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-7.el7_6.2?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", product: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", product_id: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-7.el7_6.2?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-0:2.76-7.el7_6.2.ppc64le", product: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64le", product_id: "dnsmasq-0:2.76-7.el7_6.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-7.el7_6.2?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", product: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", product_id: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-7.el7_6.2?arch=ppc64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", product: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", product_id: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-7.el7_6.2?arch=ppc64", }, }, }, { category: "product_version", name: "dnsmasq-0:2.76-7.el7_6.2.ppc64", product: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64", product_id: "dnsmasq-0:2.76-7.el7_6.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-7.el7_6.2?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x", product: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x", product_id: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-7.el7_6.2?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", product: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", product_id: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-7.el7_6.2?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-0:2.76-7.el7_6.2.s390x", product: { name: "dnsmasq-0:2.76-7.el7_6.2.s390x", product_id: "dnsmasq-0:2.76-7.el7_6.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-7.el7_6.2?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-7.el7_6.2.src", product: { name: "dnsmasq-0:2.76-7.el7_6.2.src", product_id: "dnsmasq-0:2.76-7.el7_6.2.src", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-7.el7_6.2?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.src as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.src", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.src as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.src", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.src as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.src", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.src", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.src as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.src", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.src", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.s390x", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25684", cwe: { id: "CWE-358", name: "Improperly Implemented Security Check for Standard", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889686", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "RHBZ#1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25684", url: "https://www.cve.org/CVERecord?id=CVE-2020-25684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T17:41:47+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0155", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default).\n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25685", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889688", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "RHBZ#1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25685", url: "https://www.cve.org/CVERecord?id=CVE-2020-25685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T17:41:47+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0155", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25686", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1890125", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "RHBZ#1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25686", url: "https://www.cve.org/CVERecord?id=CVE-2020-25686", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T17:41:47+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0155", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7ComputeNode-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7ComputeNode-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-7.6.EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-7.6.EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.src", "7Server-optional-Alt-7.6-EUS:dnsmasq-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-debuginfo-0:2.76-7.el7_6.2.x86_64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.ppc64le", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.s390x", "7Server-optional-Alt-7.6-EUS:dnsmasq-utils-0:2.76-7.el7_6.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", }, ], }
rhsa-2021:0154
Vulnerability from csaf_redhat
Published
2021-01-19 14:11
Modified
2024-11-15 07:27
Summary
Red Hat Security Advisory: dnsmasq security update
Notes
Topic
An update for dnsmasq is now available for Red Hat Enterprise Linux 7.7 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.
Security Fix(es):
* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for dnsmasq is now available for Red Hat Enterprise Linux 7.7 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.\n\nSecurity Fix(es):\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0154", url: "https://access.redhat.com/errata/RHSA-2021:0154", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0154.json", }, ], title: "Red Hat Security Advisory: dnsmasq security update", tracking: { current_release_date: "2024-11-15T07:27:27+00:00", generator: { date: "2024-11-15T07:27:27+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0154", initial_release_date: "2021-01-19T14:11:04+00:00", revision_history: [ { date: "2021-01-19T14:11:04+00:00", number: "1", summary: "Initial version", }, { date: "2021-01-19T14:11:04+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T07:27:27+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product: { name: "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product: { name: "Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server EUS (v. 7.7)", product: { name: "Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product: { name: "Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.7::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-10.el7_7.2.src", product: { name: "dnsmasq-0:2.76-10.el7_7.2.src", product_id: "dnsmasq-0:2.76-10.el7_7.2.src", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-10.el7_7.2?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-10.el7_7.2.x86_64", product: { name: "dnsmasq-0:2.76-10.el7_7.2.x86_64", product_id: "dnsmasq-0:2.76-10.el7_7.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-10.el7_7.2?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", product: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", product_id: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-10.el7_7.2?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", product: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", product_id: "dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-10.el7_7.2?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-10.el7_7.2.ppc64le", product: { name: "dnsmasq-0:2.76-10.el7_7.2.ppc64le", product_id: "dnsmasq-0:2.76-10.el7_7.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-10.el7_7.2?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", product: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", product_id: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-10.el7_7.2?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", product: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", product_id: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-10.el7_7.2?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-10.el7_7.2.ppc64", product: { name: "dnsmasq-0:2.76-10.el7_7.2.ppc64", product_id: "dnsmasq-0:2.76-10.el7_7.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-10.el7_7.2?arch=ppc64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", product: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", product_id: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-10.el7_7.2?arch=ppc64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", product: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", product_id: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-10.el7_7.2?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-10.el7_7.2.s390x", product: { name: "dnsmasq-0:2.76-10.el7_7.2.s390x", product_id: "dnsmasq-0:2.76-10.el7_7.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-10.el7_7.2?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", product: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", product_id: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-10.el7_7.2?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.76-10.el7_7.2.s390x", product: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.s390x", product_id: "dnsmasq-utils-0:2.76-10.el7_7.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-10.el7_7.2?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.src as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.src", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.7)", product_id: "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7ComputeNode-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.src as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.src", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.src as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.src", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.src as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.src", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.s390x", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-10.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25684", cwe: { id: "CWE-358", name: "Improperly Implemented Security Check for Standard", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889686", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "RHBZ#1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25684", url: "https://www.cve.org/CVERecord?id=CVE-2020-25684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T14:11:04+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0154", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default).\n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25685", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889688", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "RHBZ#1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25685", url: "https://www.cve.org/CVERecord?id=CVE-2020-25685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T14:11:04+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0154", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25686", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1890125", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "RHBZ#1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25686", url: "https://www.cve.org/CVERecord?id=CVE-2020-25686", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T14:11:04+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0154", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7ComputeNode-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7ComputeNode-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.src", "7Server-optional-7.7.EUS:dnsmasq-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-debuginfo-0:2.76-10.el7_7.2.x86_64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.ppc64le", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.s390x", "7Server-optional-7.7.EUS:dnsmasq-utils-0:2.76-10.el7_7.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", }, ], }
rhsa-2021:0152
Vulnerability from csaf_redhat
Published
2021-01-19 13:11
Modified
2024-11-22 16:15
Summary
Red Hat Security Advisory: dnsmasq security update
Notes
Topic
An update for dnsmasq is now available for Red Hat Enterprise Linux 8.1 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.
Security Fix(es):
* dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled (CVE-2020-25681)
* dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled (CVE-2020-25682)
* dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled (CVE-2020-25683)
* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
* dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled (CVE-2020-25687)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for dnsmasq is now available for Red Hat Enterprise Linux 8.1 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.\n\nSecurity Fix(es):\n\n* dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled (CVE-2020-25681)\n\n* dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled (CVE-2020-25682)\n\n* dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled (CVE-2020-25683)\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\n* dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled (CVE-2020-25687)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0152", url: "https://access.redhat.com/errata/RHSA-2021:0152", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "1881875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1881875", }, { category: "external", summary: "1882014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882014", }, { category: "external", summary: "1882018", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882018", }, { category: "external", summary: "1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "1891568", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891568", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0152.json", }, ], title: "Red Hat Security Advisory: dnsmasq security update", tracking: { current_release_date: "2024-11-22T16:15:10+00:00", generator: { date: "2024-11-22T16:15:10+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0152", initial_release_date: "2021-01-19T13:11:33+00:00", revision_history: [ { date: "2021-01-19T13:11:33+00:00", number: "1", summary: "Initial version", }, { date: "2021-01-19T13:11:33+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T16:15:10+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product: { name: "Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_eus:8.1::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-6.el8_1.1.src", product: { name: "dnsmasq-0:2.79-6.el8_1.1.src", product_id: "dnsmasq-0:2.79-6.el8_1.1.src", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-6.el8_1.1?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-6.el8_1.1.aarch64", product: { name: "dnsmasq-0:2.79-6.el8_1.1.aarch64", product_id: "dnsmasq-0:2.79-6.el8_1.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-6.el8_1.1?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", product: { name: "dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", product_id: "dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-6.el8_1.1?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", product: { name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", product_id: "dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-6.el8_1.1?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", product: { name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", product_id: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-6.el8_1.1?arch=aarch64", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", product: { name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", product_id: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-6.el8_1.1?arch=aarch64", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-6.el8_1.1.ppc64le", product: { name: "dnsmasq-0:2.79-6.el8_1.1.ppc64le", product_id: "dnsmasq-0:2.79-6.el8_1.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-6.el8_1.1?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", product: { name: "dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", product_id: "dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-6.el8_1.1?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", product: { name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", product_id: "dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-6.el8_1.1?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", product: { name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", product_id: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-6.el8_1.1?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", product: { name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", product_id: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-6.el8_1.1?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-6.el8_1.1.x86_64", product: { name: "dnsmasq-0:2.79-6.el8_1.1.x86_64", product_id: "dnsmasq-0:2.79-6.el8_1.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-6.el8_1.1?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", product: { name: "dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", product_id: "dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-6.el8_1.1?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", product: { name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", product_id: "dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-6.el8_1.1?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", product: { name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", product_id: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-6.el8_1.1?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", product: { name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", product_id: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-6.el8_1.1?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.79-6.el8_1.1.s390x", product: { name: "dnsmasq-0:2.79-6.el8_1.1.s390x", product_id: "dnsmasq-0:2.79-6.el8_1.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.79-6.el8_1.1?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.79-6.el8_1.1.s390x", product: { name: "dnsmasq-utils-0:2.79-6.el8_1.1.s390x", product_id: "dnsmasq-utils-0:2.79-6.el8_1.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.79-6.el8_1.1?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", product: { name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", product_id: "dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debugsource@2.79-6.el8_1.1?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", product: { name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", product_id: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.79-6.el8_1.1?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", product: { name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", product_id: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils-debuginfo@2.79-6.el8_1.1?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-6.el8_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", }, product_reference: "dnsmasq-0:2.79-6.el8_1.1.aarch64", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-6.el8_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", }, product_reference: "dnsmasq-0:2.79-6.el8_1.1.ppc64le", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-6.el8_1.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", }, product_reference: "dnsmasq-0:2.79-6.el8_1.1.s390x", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-6.el8_1.1.src as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", }, product_reference: "dnsmasq-0:2.79-6.el8_1.1.src", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.79-6.el8_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", }, product_reference: "dnsmasq-0:2.79-6.el8_1.1.x86_64", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", }, product_reference: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", }, product_reference: "dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", }, product_reference: "dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", }, product_reference: "dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", }, product_reference: "dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-6.el8_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", }, product_reference: "dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", }, product_reference: "dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-6.el8_1.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", }, product_reference: "dnsmasq-utils-0:2.79-6.el8_1.1.s390x", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.79-6.el8_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", }, product_reference: "dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)", product_id: "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", }, product_reference: "dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", relates_to_product_reference: "AppStream-8.1.0.Z.EUS", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25681", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1881875", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to cause a buffer overflow with arbitrary data in a heap memory segment, possibly executing code on the machine. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25681", }, { category: "external", summary: "RHBZ#1881875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1881875", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25681", url: "https://www.cve.org/CVERecord?id=CVE-2020-25681", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25681", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25681", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:11:33+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0152", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25682", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1882014", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A buffer overflow vulnerability was discovered in the way dnsmasq extract names from DNS packets before validating them with DNSSEC data. An attacker on the network, who can create valid DNS replies, could use this flaw to cause an overflow with arbitrary data in a heap-allocated memory, possibly executing code on the machine. The flaw is in the rfc1035.c:extract_name() function, which writes data to the memory pointed by name assuming MAXDNAME*2 bytes are available in the buffer. However, in some code execution paths, it is possible extract_name() gets passed an offset from the base buffer, thus reducing, in practice, the number of available bytes that can be written in the buffer. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25682", }, { category: "external", summary: "RHBZ#1882014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882014", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25682", url: "https://www.cve.org/CVERecord?id=CVE-2020-25682", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25682", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25682", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:11:33+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0152", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25683", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1882018", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in get_rdata() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25683", }, { category: "external", summary: "RHBZ#1882018", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1882018", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25683", url: "https://www.cve.org/CVERecord?id=CVE-2020-25683", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25683", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25683", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:11:33+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0152", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25684", cwe: { id: "CWE-358", name: "Improperly Implemented Security Check for Standard", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889686", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "RHBZ#1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25684", url: "https://www.cve.org/CVERecord?id=CVE-2020-25684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:11:33+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0152", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default).\n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25685", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889688", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "RHBZ#1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25685", url: "https://www.cve.org/CVERecord?id=CVE-2020-25685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:11:33+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0152", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25686", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1890125", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "RHBZ#1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25686", url: "https://www.cve.org/CVERecord?id=CVE-2020-25686", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:11:33+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0152", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25687", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1891568", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. This flaw allows a remote attacker, who can create valid DNS replies, to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in sort_rrset() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of dnsmasq as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they are not compiled with DNSSEC support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25687", }, { category: "external", summary: "RHBZ#1891568", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891568", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25687", url: "https://www.cve.org/CVERecord?id=CVE-2020-25687", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25687", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25687", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T13:11:33+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0152", }, { category: "workaround", details: "The only known way to mitigate this flaw is to disable DNSSEC altogether, by removing the `--dnssec` command line option or the `dnssec` option from dnsmasq configuration file.", product_ids: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.src", "AppStream-8.1.0.Z.EUS:dnsmasq-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debuginfo-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-debugsource-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-0:2.79-6.el8_1.1.x86_64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.aarch64", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.ppc64le", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.s390x", "AppStream-8.1.0.Z.EUS:dnsmasq-utils-debuginfo-0:2.79-6.el8_1.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled", }, ], }
rhsa-2021_0153
Vulnerability from csaf_redhat
Published
2021-01-19 18:02
Modified
2024-11-15 07:27
Summary
Red Hat Security Advisory: dnsmasq security update
Notes
Topic
An update for dnsmasq is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.
Security Fix(es):
* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for dnsmasq is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.\n\nSecurity Fix(es):\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0153", url: "https://access.redhat.com/errata/RHSA-2021:0153", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0153.json", }, ], title: "Red Hat Security Advisory: dnsmasq security update", tracking: { current_release_date: "2024-11-15T07:27:56+00:00", generator: { date: "2024-11-15T07:27:56+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0153", initial_release_date: "2021-01-19T18:02:16+00:00", revision_history: [ { date: "2021-01-19T18:02:16+00:00", number: "1", summary: "Initial version", }, { date: "2021-01-19T18:02:16+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T07:27:56+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Client (v. 7)", product: { name: "Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Client Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product: { name: "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server (v. 7)", product: { name: "Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation (v. 7)", product: { name: "Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::workstation", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::workstation", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-16.el7_9.1.src", product: { name: "dnsmasq-0:2.76-16.el7_9.1.src", product_id: "dnsmasq-0:2.76-16.el7_9.1.src", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-16.el7_9.1?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-16.el7_9.1.x86_64", product: { name: "dnsmasq-0:2.76-16.el7_9.1.x86_64", product_id: "dnsmasq-0:2.76-16.el7_9.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-16.el7_9.1?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", product: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", product_id: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-16.el7_9.1?arch=x86_64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", product: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", product_id: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-16.el7_9.1?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-16.el7_9.1.ppc64le", product: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64le", product_id: "dnsmasq-0:2.76-16.el7_9.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-16.el7_9.1?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", product: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", product_id: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-16.el7_9.1?arch=ppc64le", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", product: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", product_id: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-16.el7_9.1?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-16.el7_9.1.ppc64", product: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64", product_id: "dnsmasq-0:2.76-16.el7_9.1.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-16.el7_9.1?arch=ppc64", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", product: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", product_id: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-16.el7_9.1?arch=ppc64", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", product: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", product_id: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-16.el7_9.1?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "dnsmasq-0:2.76-16.el7_9.1.s390x", product: { name: "dnsmasq-0:2.76-16.el7_9.1.s390x", product_id: "dnsmasq-0:2.76-16.el7_9.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq@2.76-16.el7_9.1?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", product: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", product_id: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-debuginfo@2.76-16.el7_9.1?arch=s390x", }, }, }, { category: "product_version", name: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x", product: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x", product_id: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/dnsmasq-utils@2.76-16.el7_9.1?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.src as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.src", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Client-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.src", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.src", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.src as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.src", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.src", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.src as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.src", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.src", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.s390x", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", }, product_reference: "dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25684", cwe: { id: "CWE-358", name: "Improperly Implemented Security Check for Standard", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889686", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "RHBZ#1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25684", url: "https://www.cve.org/CVERecord?id=CVE-2020-25684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T18:02:16+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0153", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default).\n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25685", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889688", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "RHBZ#1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25685", url: "https://www.cve.org/CVERecord?id=CVE-2020-25685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T18:02:16+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0153", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25686", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, discovery_date: "2020-09-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1890125", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "RHBZ#1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25686", url: "https://www.cve.org/CVERecord?id=CVE-2020-25686", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-01-19T18:02:16+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0153", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Client-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Client-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7ComputeNode-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7ComputeNode-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Server-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Server-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.src", "7Workstation-optional-7.9.Z:dnsmasq-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-debuginfo-0:2.76-16.el7_9.1.x86_64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.ppc64le", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.s390x", "7Workstation-optional-7.9.Z:dnsmasq-utils-0:2.76-16.el7_9.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", }, ], }
RHSA-2021:0401
Vulnerability from csaf_redhat
Published
2021-02-03 16:14
Modified
2024-11-15 11:45
Summary
Red Hat Security Advisory: Red Hat Virtualization Host security bug fix and enhancement update [ovirt-4.4.4]
Notes
Topic
An update for imgbased, redhat-release-virtualization-host, and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.
Security Fix(es):
* sudo: Heap buffer overflow in argument parsing (CVE-2021-3156)
* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Previously, the Red Hat Virtualization Host (RHV-H) repository (rhvh-4-for-rhel-8-x86_64-rpms) did not include the libsmbclient package, which is a dependency for the sssd-ad package. Consequently, the sssd-ad package failed to install.
With this update, the libsmbclient is now in the RHV-H repository, and sssd-ad now installs on RHV-H. (BZ#1868967)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for imgbased, redhat-release-virtualization-host, and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. \n\nSecurity Fix(es):\n\n* sudo: Heap buffer overflow in argument parsing (CVE-2021-3156)\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Previously, the Red Hat Virtualization Host (RHV-H) repository (rhvh-4-for-rhel-8-x86_64-rpms) did not include the libsmbclient package, which is a dependency for the sssd-ad package. Consequently, the sssd-ad package failed to install.\n\nWith this update, the libsmbclient is now in the RHV-H repository, and sssd-ad now installs on RHV-H. (BZ#1868967)", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0401", url: "https://access.redhat.com/errata/RHSA-2021:0401", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-002", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-002", }, { category: "external", summary: "1850939", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1850939", }, { category: "external", summary: "1868967", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1868967", }, { category: "external", summary: "1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "1902315", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1902315", }, { category: "external", summary: "1902646", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1902646", }, { category: "external", summary: "1909644", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1909644", }, { category: "external", summary: "1917684", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1917684", }, { category: "external", summary: "1921553", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1921553", }, { category: "external", summary: "1923126", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1923126", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0401.json", }, ], title: "Red Hat Security Advisory: Red Hat Virtualization Host security bug fix and enhancement update [ovirt-4.4.4]", tracking: { current_release_date: "2024-11-15T11:45:58+00:00", generator: { date: "2024-11-15T11:45:58+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0401", initial_release_date: "2021-02-03T16:14:40+00:00", revision_history: [ { date: "2021-02-03T16:14:40+00:00", number: "1", summary: "Initial version", }, { date: "2021-02-03T16:14:40+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T11:45:58+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Virtualization 4 Hypervisor for RHEL 8", product: { name: "Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4", product_identification_helper: { cpe: "cpe:/o:redhat:rhev_hypervisor:4.4::el8", }, }, }, { category: "product_name", name: "RHEL 8-based RHEV-H for RHEV 4 (build requirements)", product: { name: "RHEL 8-based RHEV-H for RHEV 4 (build requirements)", product_id: "8Base-RHV-HypervisorBuild-4", product_identification_helper: { cpe: "cpe:/o:redhat:rhev_hypervisor:4.4::el8", }, }, }, { category: "product_name", name: "Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product: { name: "Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4", product_identification_helper: { cpe: "cpe:/o:redhat:rhev_hypervisor:4.4::el8", }, }, }, ], category: "product_family", name: "Red Hat Virtualization", }, { branches: [ { category: "product_version", name: "libsmbclient-0:4.12.3-12.el8.3.x86_64", product: { name: "libsmbclient-0:4.12.3-12.el8.3.x86_64", product_id: "libsmbclient-0:4.12.3-12.el8.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsmbclient@4.12.3-12.el8.3?arch=x86_64", }, }, }, { category: "product_version", name: "samba-debugsource-0:4.12.3-12.el8.3.x86_64", product: { name: "samba-debugsource-0:4.12.3-12.el8.3.x86_64", product_id: "samba-debugsource-0:4.12.3-12.el8.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/samba-debugsource@4.12.3-12.el8.3?arch=x86_64", }, }, }, { category: "product_version", name: "libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", product: { name: "libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", product_id: "libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsmbclient-debuginfo@4.12.3-12.el8.3?arch=x86_64", }, }, }, { category: "product_version", name: "samba-debuginfo-0:4.12.3-12.el8.3.x86_64", product: { name: "samba-debuginfo-0:4.12.3-12.el8.3.x86_64", product_id: "samba-debuginfo-0:4.12.3-12.el8.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/samba-debuginfo@4.12.3-12.el8.3?arch=x86_64", }, }, }, { category: "product_version", name: "libipa_hbac-0:2.3.0-9.el8.x86_64", product: { name: "libipa_hbac-0:2.3.0-9.el8.x86_64", product_id: "libipa_hbac-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libipa_hbac@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_autofs-0:2.3.0-9.el8.x86_64", product: { name: "libsss_autofs-0:2.3.0-9.el8.x86_64", product_id: "libsss_autofs-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_autofs@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_certmap-0:2.3.0-9.el8.x86_64", product: { name: "libsss_certmap-0:2.3.0-9.el8.x86_64", product_id: "libsss_certmap-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_certmap@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_idmap-0:2.3.0-9.el8.x86_64", product: { name: "libsss_idmap-0:2.3.0-9.el8.x86_64", product_id: "libsss_idmap-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_idmap@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_nss_idmap-0:2.3.0-9.el8.x86_64", product: { name: "libsss_nss_idmap-0:2.3.0-9.el8.x86_64", product_id: "libsss_nss_idmap-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_nss_idmap@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", product: { name: "libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", product_id: "libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_nss_idmap-devel@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_simpleifp-0:2.3.0-9.el8.x86_64", product: { name: "libsss_simpleifp-0:2.3.0-9.el8.x86_64", product_id: "libsss_simpleifp-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_simpleifp@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_sudo-0:2.3.0-9.el8.x86_64", product: { name: "libsss_sudo-0:2.3.0-9.el8.x86_64", product_id: "libsss_sudo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_sudo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "python3-libipa_hbac-0:2.3.0-9.el8.x86_64", product: { name: "python3-libipa_hbac-0:2.3.0-9.el8.x86_64", product_id: "python3-libipa_hbac-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-libipa_hbac@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", product: { name: "python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", product_id: "python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-libsss_nss_idmap@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "python3-sss-0:2.3.0-9.el8.x86_64", product: { name: "python3-sss-0:2.3.0-9.el8.x86_64", product_id: "python3-sss-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-sss@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "python3-sss-murmur-0:2.3.0-9.el8.x86_64", product: { name: "python3-sss-murmur-0:2.3.0-9.el8.x86_64", product_id: "python3-sss-murmur-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-sss-murmur@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-0:2.3.0-9.el8.x86_64", product: { name: "sssd-0:2.3.0-9.el8.x86_64", product_id: "sssd-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-ad-0:2.3.0-9.el8.x86_64", product: { name: "sssd-ad-0:2.3.0-9.el8.x86_64", product_id: "sssd-ad-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-ad@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-client-0:2.3.0-9.el8.x86_64", product: { name: "sssd-client-0:2.3.0-9.el8.x86_64", product_id: "sssd-client-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-client@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-common-0:2.3.0-9.el8.x86_64", product: { name: "sssd-common-0:2.3.0-9.el8.x86_64", product_id: "sssd-common-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-common@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-common-pac-0:2.3.0-9.el8.x86_64", product: { name: "sssd-common-pac-0:2.3.0-9.el8.x86_64", product_id: "sssd-common-pac-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-common-pac@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-dbus-0:2.3.0-9.el8.x86_64", product: { name: "sssd-dbus-0:2.3.0-9.el8.x86_64", product_id: "sssd-dbus-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-dbus@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-ipa-0:2.3.0-9.el8.x86_64", product: { name: "sssd-ipa-0:2.3.0-9.el8.x86_64", product_id: "sssd-ipa-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-ipa@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-kcm-0:2.3.0-9.el8.x86_64", product: { name: "sssd-kcm-0:2.3.0-9.el8.x86_64", product_id: "sssd-kcm-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-kcm@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-krb5-0:2.3.0-9.el8.x86_64", product: { name: "sssd-krb5-0:2.3.0-9.el8.x86_64", product_id: "sssd-krb5-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-krb5@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-krb5-common-0:2.3.0-9.el8.x86_64", product: { name: "sssd-krb5-common-0:2.3.0-9.el8.x86_64", product_id: "sssd-krb5-common-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-krb5-common@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-ldap-0:2.3.0-9.el8.x86_64", product: { name: "sssd-ldap-0:2.3.0-9.el8.x86_64", product_id: "sssd-ldap-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-ldap@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-libwbclient-0:2.3.0-9.el8.x86_64", product: { name: "sssd-libwbclient-0:2.3.0-9.el8.x86_64", product_id: "sssd-libwbclient-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-libwbclient@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", product: { name: "sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", product_id: "sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-nfs-idmap@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-polkit-rules-0:2.3.0-9.el8.x86_64", product: { name: "sssd-polkit-rules-0:2.3.0-9.el8.x86_64", product_id: "sssd-polkit-rules-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-polkit-rules@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-proxy-0:2.3.0-9.el8.x86_64", product: { name: "sssd-proxy-0:2.3.0-9.el8.x86_64", product_id: "sssd-proxy-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-proxy@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-tools-0:2.3.0-9.el8.x86_64", product: { name: "sssd-tools-0:2.3.0-9.el8.x86_64", product_id: "sssd-tools-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-tools@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", product: { name: "sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", product_id: "sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-winbind-idmap@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-debugsource-0:2.3.0-9.el8.x86_64", product: { name: "sssd-debugsource-0:2.3.0-9.el8.x86_64", product_id: "sssd-debugsource-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-debugsource@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libipa_hbac-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_autofs-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_certmap-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_idmap-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_nss_idmap-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_simpleifp-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libsss_sudo-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-libipa_hbac-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-libsss_nss_idmap-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-sss-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-sss-murmur-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-ad-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-client-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-common-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-common-pac-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-dbus-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-ipa-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-kcm-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-krb5-common-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-krb5-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-ldap-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-libwbclient-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-nfs-idmap-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-proxy-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-tools-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", product: { name: "sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", product_id: "sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/sssd-winbind-idmap-debuginfo@2.3.0-9.el8?arch=x86_64", }, }, }, { category: "product_version", name: "redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", product: { name: "redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", product_id: "redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/redhat-release-virtualization-host@4.4.4-1.el8ev?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "samba-0:4.12.3-12.el8.3.src", product: { name: "samba-0:4.12.3-12.el8.3.src", product_id: "samba-0:4.12.3-12.el8.3.src", product_identification_helper: { purl: "pkg:rpm/redhat/samba@4.12.3-12.el8.3?arch=src", }, }, }, { category: "product_version", name: "sssd-0:2.3.0-9.el8.src", product: { name: "sssd-0:2.3.0-9.el8.src", product_id: "sssd-0:2.3.0-9.el8.src", product_identification_helper: { purl: "pkg:rpm/redhat/sssd@2.3.0-9.el8?arch=src", }, }, }, { category: "product_version", name: "redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", product: { name: "redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", product_id: "redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/redhat-release-virtualization-host@4.4.4-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "cockpit-ovirt-0:0.14.17-1.el8ev.src", product: { name: "cockpit-ovirt-0:0.14.17-1.el8ev.src", product_id: "cockpit-ovirt-0:0.14.17-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/cockpit-ovirt@0.14.17-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "imgbased-0:1.2.16-0.1.el8ev.src", product: { name: "imgbased-0:1.2.16-0.1.el8ev.src", product_id: "imgbased-0:1.2.16-0.1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/imgbased@1.2.16-0.1.el8ev?arch=src", }, }, }, { category: "product_version", name: "redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", product: { name: "redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", product_id: "redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", product_identification_helper: { purl: "pkg:rpm/redhat/redhat-virtualization-host@4.4.4-20210201.0.el8_3?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "python3-sssdconfig-0:2.3.0-9.el8.noarch", product: { name: "python3-sssdconfig-0:2.3.0-9.el8.noarch", product_id: "python3-sssdconfig-0:2.3.0-9.el8.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3-sssdconfig@2.3.0-9.el8?arch=noarch", }, }, }, { category: "product_version", name: "redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", product: { name: "redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", product_id: "redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/redhat-virtualization-host-image-update-placeholder@4.4.4-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", product: { name: "cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", product_id: "cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/cockpit-ovirt-dashboard@0.14.17-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "imgbased-0:1.2.16-0.1.el8ev.noarch", product: { name: "imgbased-0:1.2.16-0.1.el8ev.noarch", product_id: "imgbased-0:1.2.16-0.1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/imgbased@1.2.16-0.1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "python3-imgbased-0:1.2.16-0.1.el8ev.noarch", product: { name: "python3-imgbased-0:1.2.16-0.1.el8ev.noarch", product_id: "python3-imgbased-0:1.2.16-0.1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3-imgbased@1.2.16-0.1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", product: { name: "redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", product_id: "redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/redhat-virtualization-host-image-update@4.4.4-20210201.0.el8_3?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "cockpit-ovirt-0:0.14.17-1.el8ev.src as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", }, product_reference: "cockpit-ovirt-0:0.14.17-1.el8ev.src", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", }, product_reference: "cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "libipa_hbac-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", }, product_reference: "libipa_hbac-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsmbclient-0:4.12.3-12.el8.3.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", }, product_reference: "libsmbclient-0:4.12.3-12.el8.3.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", }, product_reference: "libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_autofs-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_autofs-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_certmap-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_certmap-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_idmap-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_idmap-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_nss_idmap-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_nss_idmap-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_simpleifp-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_simpleifp-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_sudo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_sudo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "python3-libipa_hbac-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", }, product_reference: "python3-libipa_hbac-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", }, product_reference: "python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "python3-sss-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", }, product_reference: "python3-sss-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "python3-sss-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "python3-sss-murmur-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", }, product_reference: "python3-sss-murmur-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "python3-sssdconfig-0:2.3.0-9.el8.noarch as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", }, product_reference: "python3-sssdconfig-0:2.3.0-9.el8.noarch", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", }, product_reference: "redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", }, product_reference: "redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "samba-0:4.12.3-12.el8.3.src as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", }, product_reference: "samba-0:4.12.3-12.el8.3.src", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "samba-debuginfo-0:4.12.3-12.el8.3.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", }, product_reference: "samba-debuginfo-0:4.12.3-12.el8.3.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "samba-debugsource-0:4.12.3-12.el8.3.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", }, product_reference: "samba-debugsource-0:4.12.3-12.el8.3.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-0:2.3.0-9.el8.src as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", }, product_reference: "sssd-0:2.3.0-9.el8.src", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-ad-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-ad-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-client-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-client-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-client-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-common-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-common-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-common-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-common-pac-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-common-pac-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-dbus-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-dbus-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-debugsource-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-debugsource-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-ipa-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-ipa-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-kcm-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-kcm-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-krb5-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-krb5-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-krb5-common-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-krb5-common-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-ldap-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-ldap-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-libwbclient-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-libwbclient-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-nfs-idmap-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-polkit-rules-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-polkit-rules-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-proxy-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-proxy-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-tools-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-tools-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-winbind-idmap-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", product_id: "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", }, product_reference: "sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", relates_to_product_reference: "8Base-RHV-Hypervisor-4", }, { category: "default_component_of", full_product_name: { name: "imgbased-0:1.2.16-0.1.el8ev.noarch as a component of RHEL 8-based RHEV-H for RHEV 4 (build requirements)", product_id: "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", }, product_reference: "imgbased-0:1.2.16-0.1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-HypervisorBuild-4", }, { category: "default_component_of", full_product_name: { name: "imgbased-0:1.2.16-0.1.el8ev.src as a component of RHEL 8-based RHEV-H for RHEV 4 (build requirements)", product_id: "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", }, product_reference: "imgbased-0:1.2.16-0.1.el8ev.src", relates_to_product_reference: "8Base-RHV-HypervisorBuild-4", }, { category: "default_component_of", full_product_name: { name: "python3-imgbased-0:1.2.16-0.1.el8ev.noarch as a component of RHEL 8-based RHEV-H for RHEV 4 (build requirements)", product_id: "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", }, product_reference: "python3-imgbased-0:1.2.16-0.1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-HypervisorBuild-4", }, { category: "default_component_of", full_product_name: { name: "redhat-release-virtualization-host-0:4.4.4-1.el8ev.src as a component of RHEL 8-based RHEV-H for RHEV 4 (build requirements)", product_id: "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", }, product_reference: "redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", relates_to_product_reference: "8Base-RHV-HypervisorBuild-4", }, { category: "default_component_of", full_product_name: { name: "redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64 as a component of RHEL 8-based RHEV-H for RHEV 4 (build requirements)", product_id: "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", }, product_reference: "redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-HypervisorBuild-4", }, { category: "default_component_of", full_product_name: { name: "redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch as a component of RHEL 8-based RHEV-H for RHEV 4 (build requirements)", product_id: "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", }, product_reference: "redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-HypervisorBuild-4", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25684", cwe: { id: "CWE-358", name: "Improperly Implemented Security Check for Standard", }, discovery_date: "2020-09-03T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889686", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], known_not_affected: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "RHBZ#1889686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25684", url: "https://www.cve.org/CVERecord?id=CVE-2020-25684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25684", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-03T16:14:40+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891\n\nAfter installing this update, the smb service will be restarted automatically.", product_ids: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0401", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default).\n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25685", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, discovery_date: "2020-09-03T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889688", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], known_not_affected: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "RHBZ#1889688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25685", url: "https://www.cve.org/CVERecord?id=CVE-2020-25685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25685", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-03T16:14:40+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891\n\nAfter installing this update, the smb service will be restarted automatically.", product_ids: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0401", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker", }, { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", }, ], cve: "CVE-2020-25686", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, discovery_date: "2020-09-03T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1890125", }, ], notes: [ { category: "description", text: "A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", title: "Vulnerability summary", }, { category: "other", text: "Dnsmasq may be run by libvirt and/or NetworkManager. libvirt uses dnsmasq by default to provide DNS service to its guests. NetworkManager may be configured to use dnsmasq to provide DNS service to the system, if a line `dns=dnsmasq` is present in the `[main]` section of the configuration file /etc/NetworkManager/NetworkManager.conf.\n\nIn Red Hat OpenStack Platform (RHOSP) and Red Hat Virtualization (RHV), the dnsmasq package is provided by the underlying Red Hat Enterprise Linux (RHEL) product. RHOSP and RHV are therefore indirectly affected, so please ensure that the underlying RHEL dnsmasq package is updated.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], known_not_affected: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "RHBZ#1890125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { category: "external", summary: "RHSB-2021-001", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-001", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25686", url: "https://www.cve.org/CVERecord?id=CVE-2020-25686", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { category: "external", summary: "https://www.jsof-tech.com/disclosures/dnspooq/", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-03T16:14:40+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891\n\nAfter installing this update, the smb service will be restarted automatically.", product_ids: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0401", }, { category: "workaround", details: "The impact of this flaw can be reduced by disabling the dnsmasq cache by adding `--cache-size=0` when calling dnsmasq or by adding a line with `cache-size=0` to the dnsmasq configuration file (/etc/dnsmasq.conf by default). \n\nWhen using Red Hat Enterprise Linux 8.3 with libvirt through a virt:rhel module, use `virsh net-edit <network-name>` and reference https://libvirt.org/formatnetwork.html#elementsNamespaces to add the suggested option `cache-size=0`. \n\nThere is no way to customize the dnsmasq configuration generated by libvirt, when using versions of Red Hat Enterprise Linux prior to version 8.3. If dnsmasq is being run through NetworkManager, create a new file in /etc/NetworkManager/dnsmasq.d/ and add `cache-size=0` to it.\n\nIn all cases, by disabling the cache, you may experience a performance loss in your environment due to all DNS queries being forwarded to the upstream servers. Please evaluate if the mitigation is appropriate for the system’s environment before applying.", product_ids: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker", }, { cve: "CVE-2021-3156", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2021-01-19T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1917684", }, ], notes: [ { category: "description", text: "A flaw was found in sudo. A heap-based buffer overflow was found in the way sudo parses command line arguments. This flaw is exploitable by any local user who can execute the sudo command (by default, any local user can execute sudo) without authentication. Successful exploitation of this flaw could lead to privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "sudo: Heap buffer overflow in argument parsing", title: "Vulnerability summary", }, { category: "other", text: "This flaw does not affect the versions of sudo shipped with Red Hat Enterprise Linux 5, because the vulnerable code was not present in these versions.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], known_not_affected: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-3156", }, { category: "external", summary: "RHBZ#1917684", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1917684", }, { category: "external", summary: "RHSB-2021-002", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-002", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-3156", url: "https://www.cve.org/CVERecord?id=CVE-2021-3156", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-3156", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-3156", }, { category: "external", summary: "https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt", url: "https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt", }, { category: "external", summary: "https://www.sudo.ws/alerts/unescape_overflow.html", url: "https://www.sudo.ws/alerts/unescape_overflow.html", }, { category: "external", summary: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, ], release_date: "2021-01-26T18:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-03T16:14:40+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891\n\nAfter installing this update, the smb service will be restarted automatically.", product_ids: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0401", }, { category: "workaround", details: "Red Hat Product Security strongly recommends customers to update to fixed sudo packages once they are available. For customers who cannot update immediately, the following interim partial mitigation using systemtap is suggested:\n\n1. Install required systemtap packages and dependencies: \n```\nsystemtap yum-utils kernel-devel-\"$(uname -r)\"\n```\n\nThen for RHEL 7 install kernel debuginfo, using:\n```\ndebuginfo-install -y kernel-\"$(uname -r)\" \n```\nThen for RHEL 8 & 6 install sudo debuginfo, using:\n```\ndebuginfo-install sudo\n```\n \n2. Create the following systemtap script: (call the file as sudoedit-block.stap)\n```\nprobe process(\"/usr/bin/sudo\").function(\"main\") {\n command = cmdline_args(0,0,\"\");\n if (isinstr(command, \"edit\")) {\n raise(9);\n }\n}\n```\n3. Install the script using the following command: (using root)\n```\n# nohup stap -g sudoedit-block.stap &\n```\n(This should output the PID number of the systemtap script)\n\nThis script will cause the vulnerable sudoedit binary to stop working. The sudo command will still work as usual.\nThe above change does not persist across reboots and must be applied after each reboot.\n\nPlease consult How to make a systemtap kernel module load persistently across reboots? (https://access.redhat.com/solutions/5752521) to learn how to\nturn this into a service managed by initd. \n\n4. Once the new fixed packages are installed, the systemtap script can be removed by killing the systemtap process. For example, by using:\n```\n# kill -s SIGTERM 7590\n```\n(where 7590 is the PID of the systemtap process)", product_ids: [ "8Base-RHV-Agents-4:cockpit-ovirt-0:0.14.17-1.el8ev.src", "8Base-RHV-Agents-4:cockpit-ovirt-dashboard-0:0.14.17-1.el8ev.noarch", "8Base-RHV-Hypervisor-4:libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsmbclient-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_autofs-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_certmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_nss_idmap-devel-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_simpleifp-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:libsss_sudo-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libipa_hbac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-libsss_nss_idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sss-murmur-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:python3-sssdconfig-0:2.3.0-9.el8.noarch", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", "8Base-RHV-Hypervisor-4:samba-0:4.12.3-12.el8.3.src", "8Base-RHV-Hypervisor-4:samba-debuginfo-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:samba-debugsource-0:4.12.3-12.el8.3.x86_64", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.src", "8Base-RHV-Hypervisor-4:sssd-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ad-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-client-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-common-pac-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-dbus-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-debugsource-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ipa-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-kcm-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-common-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-krb5-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-ldap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-libwbclient-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-nfs-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-polkit-rules-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-proxy-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-tools-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-0:2.3.0-9.el8.x86_64", "8Base-RHV-Hypervisor-4:sssd-winbind-idmap-debuginfo-0:2.3.0-9.el8.x86_64", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:imgbased-0:1.2.16-0.1.el8ev.src", "8Base-RHV-HypervisorBuild-4:python3-imgbased-0:1.2.16-0.1.el8ev.noarch", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.4-1.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.4-1.el8ev.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.4-20210201.0.el8_3.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.4-20210201.0.el8_3.noarch", ], }, ], threats: [ { category: "exploit_status", date: "2022-04-06T00:00:00+00:00", details: "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { category: "impact", details: "Important", }, ], title: "sudo: Heap buffer overflow in argument parsing", }, ], }
suse-su-2021:14604-1
Vulnerability from csaf_suse
Published
2021-01-19 11:11
Modified
2021-01-19 11:11
Summary
Security update for dnsmasq
Notes
Title of the patch
Security update for dnsmasq
Description of the patch
This update for dnsmasq fixes the following issues:
Security issues fixed:
- CVE-2020-25684, CVE-2020-25685, CVE-2020-25686: Fixed multiple Cache Poisoning attacks (bsc#1177077).
- CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687: Fixed multiple potential Heap-based overflows when DNSSEC is enabled (bsc#1177077).
Non-security issue fixed:
- Retry query to other servers on receipt of SERVFAIL rcode (bsc#1176076).
Patchnames
sleposp3-dnsmasq-14604
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for dnsmasq", title: "Title of the patch", }, { category: "description", text: "This update for dnsmasq fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2020-25684, CVE-2020-25685, CVE-2020-25686: Fixed multiple Cache Poisoning attacks (bsc#1177077).\n- CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687: Fixed multiple potential Heap-based overflows when DNSSEC is enabled (bsc#1177077).\n\nNon-security issue fixed:\n\n- Retry query to other servers on receipt of SERVFAIL rcode (bsc#1176076).\n", title: "Description of the patch", }, { category: "details", text: "sleposp3-dnsmasq-14604", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_14604-1.json", }, { category: "self", summary: "URL for SUSE-SU-2021:14604-1", url: "https://www.suse.com/support/update/announcement/2021/suse-su-202114604-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2021:14604-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-January/008226.html", }, { category: "self", summary: "SUSE Bug 1176076", url: "https://bugzilla.suse.com/1176076", }, { category: "self", summary: "SUSE Bug 1177077", url: "https://bugzilla.suse.com/1177077", }, { category: "self", summary: "SUSE CVE CVE-2020-25681 page", url: "https://www.suse.com/security/cve/CVE-2020-25681/", }, { category: "self", summary: "SUSE CVE CVE-2020-25682 page", url: "https://www.suse.com/security/cve/CVE-2020-25682/", }, { category: "self", summary: "SUSE CVE CVE-2020-25683 page", url: "https://www.suse.com/security/cve/CVE-2020-25683/", }, { category: "self", summary: "SUSE CVE CVE-2020-25684 page", url: "https://www.suse.com/security/cve/CVE-2020-25684/", }, { category: "self", summary: "SUSE CVE CVE-2020-25685 page", url: "https://www.suse.com/security/cve/CVE-2020-25685/", }, { category: "self", summary: "SUSE CVE CVE-2020-25686 page", url: "https://www.suse.com/security/cve/CVE-2020-25686/", }, { category: "self", summary: "SUSE CVE CVE-2020-25687 page", url: "https://www.suse.com/security/cve/CVE-2020-25687/", }, ], title: "Security update for dnsmasq", tracking: { current_release_date: "2021-01-19T11:11:47Z", generator: { date: "2021-01-19T11:11:47Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2021:14604-1", initial_release_date: "2021-01-19T11:11:47Z", revision_history: [ { date: "2021-01-19T11:11:47Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "dnsmasq-2.78-0.16.14.1.i586", product: { name: "dnsmasq-2.78-0.16.14.1.i586", product_id: "dnsmasq-2.78-0.16.14.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Point of Sale 11 SP3", product: { name: "SUSE Linux Enterprise Point of Sale 11 SP3", product_id: "SUSE Linux Enterprise Point of Sale 11 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-pos:11:sp3", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-0.16.14.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", product_id: "SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.14.1.i586", }, product_reference: "dnsmasq-2.78-0.16.14.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Point of Sale 11 SP3", }, ], }, vulnerabilities: [ { cve: "CVE-2020-25681", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25681", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to cause a buffer overflow with arbitrary data in a heap memory segment, possibly executing code on the machine. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.14.1.i586", ], }, references: [ { category: "external", summary: "CVE-2020-25681", url: "https://www.suse.com/security/cve/CVE-2020-25681", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25681", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.14.1.i586", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.14.1.i586", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:11:47Z", details: "important", }, ], title: "CVE-2020-25681", }, { cve: "CVE-2020-25682", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25682", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before 2.83. A buffer overflow vulnerability was discovered in the way dnsmasq extract names from DNS packets before validating them with DNSSEC data. An attacker on the network, who can create valid DNS replies, could use this flaw to cause an overflow with arbitrary data in a heap-allocated memory, possibly executing code on the machine. The flaw is in the rfc1035.c:extract_name() function, which writes data to the memory pointed by name assuming MAXDNAME*2 bytes are available in the buffer. However, in some code execution paths, it is possible extract_name() gets passed an offset from the base buffer, thus reducing, in practice, the number of available bytes that can be written in the buffer. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.14.1.i586", ], }, references: [ { category: "external", summary: "CVE-2020-25682", url: "https://www.suse.com/security/cve/CVE-2020-25682", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25682", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.14.1.i586", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.14.1.i586", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:11:47Z", details: "important", }, ], title: "CVE-2020-25682", }, { cve: "CVE-2020-25683", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25683", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in get_rdata() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.14.1.i586", ], }, references: [ { category: "external", summary: "CVE-2020-25683", url: "https://www.suse.com/security/cve/CVE-2020-25683", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25683", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.14.1.i586", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.14.1.i586", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:11:47Z", details: "important", }, ], title: "CVE-2020-25683", }, { cve: "CVE-2020-25684", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25684", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.14.1.i586", ], }, references: [ { category: "external", summary: "CVE-2020-25684", url: "https://www.suse.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25684", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.14.1.i586", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.14.1.i586", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:11:47Z", details: "important", }, ], title: "CVE-2020-25684", }, { cve: "CVE-2020-25685", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25685", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.14.1.i586", ], }, references: [ { category: "external", summary: "CVE-2020-25685", url: "https://www.suse.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25685", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.14.1.i586", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.14.1.i586", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:11:47Z", details: "important", }, ], title: "CVE-2020-25685", }, { cve: "CVE-2020-25686", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25686", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.14.1.i586", ], }, references: [ { category: "external", summary: "CVE-2020-25686", url: "https://www.suse.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25686", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.14.1.i586", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.14.1.i586", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:11:47Z", details: "important", }, ], title: "CVE-2020-25686", }, { cve: "CVE-2020-25687", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25687", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. This flaw allows a remote attacker, who can create valid DNS replies, to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in sort_rrset() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.14.1.i586", ], }, references: [ { category: "external", summary: "CVE-2020-25687", url: "https://www.suse.com/security/cve/CVE-2020-25687", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25687", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.14.1.i586", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:dnsmasq-2.78-0.16.14.1.i586", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:11:47Z", details: "important", }, ], title: "CVE-2020-25687", }, ], }
suse-su-2021:0163-1
Vulnerability from csaf_suse
Published
2021-01-19 11:11
Modified
2021-01-19 11:11
Summary
Security update for dnsmasq
Notes
Title of the patch
Security update for dnsmasq
Description of the patch
This update for dnsmasq fixes the following issues:
- bsc#1177077: Fixed DNSpooq vulnerabilities
- CVE-2020-25684, CVE-2020-25685, CVE-2020-25686:
Fixed multiple Cache Poisoning attacks.
- CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687:
Fixed multiple potential Heap-based overflows when DNSSEC is
enabled.
- Retry query to other servers on receipt of SERVFAIL rcode
(bsc#1176076)
Patchnames
SUSE-2021-163,SUSE-SLE-Module-Basesystem-15-SP1-2021-163,SUSE-SLE-Module-Basesystem-15-SP2-2021-163
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for dnsmasq", title: "Title of the patch", }, { category: "description", text: "This update for dnsmasq fixes the following issues:\n\n- bsc#1177077: Fixed DNSpooq vulnerabilities\n- CVE-2020-25684, CVE-2020-25685, CVE-2020-25686:\n Fixed multiple Cache Poisoning attacks.\n- CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687:\n Fixed multiple potential Heap-based overflows when DNSSEC is\n enabled.\n\n- Retry query to other servers on receipt of SERVFAIL rcode\n (bsc#1176076)\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2021-163,SUSE-SLE-Module-Basesystem-15-SP1-2021-163,SUSE-SLE-Module-Basesystem-15-SP2-2021-163", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_0163-1.json", }, { category: "self", summary: "URL for SUSE-SU-2021:0163-1", url: "https://www.suse.com/support/update/announcement/2021/suse-su-20210163-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2021:0163-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-January/008222.html", }, { category: "self", summary: "SUSE Bug 1176076", url: "https://bugzilla.suse.com/1176076", }, { category: "self", summary: "SUSE Bug 1177077", url: "https://bugzilla.suse.com/1177077", }, { category: "self", summary: "SUSE CVE CVE-2020-25681 page", url: "https://www.suse.com/security/cve/CVE-2020-25681/", }, { category: "self", summary: "SUSE CVE CVE-2020-25682 page", url: "https://www.suse.com/security/cve/CVE-2020-25682/", }, { category: "self", summary: "SUSE CVE CVE-2020-25683 page", url: "https://www.suse.com/security/cve/CVE-2020-25683/", }, { category: "self", summary: "SUSE CVE CVE-2020-25684 page", url: "https://www.suse.com/security/cve/CVE-2020-25684/", }, { category: "self", summary: "SUSE CVE CVE-2020-25685 page", url: "https://www.suse.com/security/cve/CVE-2020-25685/", }, { category: "self", summary: "SUSE CVE CVE-2020-25686 page", url: "https://www.suse.com/security/cve/CVE-2020-25686/", }, { category: "self", summary: "SUSE CVE CVE-2020-25687 page", url: "https://www.suse.com/security/cve/CVE-2020-25687/", }, ], title: "Security update for dnsmasq", tracking: { current_release_date: "2021-01-19T11:11:16Z", generator: { date: "2021-01-19T11:11:16Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2021:0163-1", initial_release_date: "2021-01-19T11:11:16Z", revision_history: [ { date: "2021-01-19T11:11:16Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "dnsmasq-2.78-7.6.1.aarch64", product: { name: "dnsmasq-2.78-7.6.1.aarch64", product_id: "dnsmasq-2.78-7.6.1.aarch64", }, }, { category: "product_version", name: "dnsmasq-utils-2.78-7.6.1.aarch64", product: { name: "dnsmasq-utils-2.78-7.6.1.aarch64", product_id: "dnsmasq-utils-2.78-7.6.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "dnsmasq-2.78-7.6.1.i586", product: { name: "dnsmasq-2.78-7.6.1.i586", product_id: "dnsmasq-2.78-7.6.1.i586", }, }, { category: "product_version", name: "dnsmasq-utils-2.78-7.6.1.i586", product: { name: "dnsmasq-utils-2.78-7.6.1.i586", product_id: "dnsmasq-utils-2.78-7.6.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "dnsmasq-2.78-7.6.1.ppc64le", product: { name: "dnsmasq-2.78-7.6.1.ppc64le", product_id: "dnsmasq-2.78-7.6.1.ppc64le", }, }, { category: "product_version", name: "dnsmasq-utils-2.78-7.6.1.ppc64le", product: { name: "dnsmasq-utils-2.78-7.6.1.ppc64le", product_id: "dnsmasq-utils-2.78-7.6.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "dnsmasq-2.78-7.6.1.s390x", product: { name: "dnsmasq-2.78-7.6.1.s390x", product_id: "dnsmasq-2.78-7.6.1.s390x", }, }, { category: "product_version", name: "dnsmasq-utils-2.78-7.6.1.s390x", product: { name: "dnsmasq-utils-2.78-7.6.1.s390x", product_id: "dnsmasq-utils-2.78-7.6.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "dnsmasq-2.78-7.6.1.x86_64", product: { name: "dnsmasq-2.78-7.6.1.x86_64", product_id: "dnsmasq-2.78-7.6.1.x86_64", }, }, { category: "product_version", name: "dnsmasq-utils-2.78-7.6.1.x86_64", product: { name: "dnsmasq-utils-2.78-7.6.1.x86_64", product_id: "dnsmasq-utils-2.78-7.6.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Basesystem 15 SP1", product: { name: "SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-basesystem:15:sp1", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Basesystem 15 SP2", product: { name: "SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-basesystem:15:sp2", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-7.6.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.aarch64", }, product_reference: "dnsmasq-2.78-7.6.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-7.6.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.ppc64le", }, product_reference: "dnsmasq-2.78-7.6.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-7.6.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.s390x", }, product_reference: "dnsmasq-2.78-7.6.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-7.6.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.x86_64", }, product_reference: "dnsmasq-2.78-7.6.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-7.6.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.aarch64", }, product_reference: "dnsmasq-2.78-7.6.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-7.6.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.ppc64le", }, product_reference: "dnsmasq-2.78-7.6.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-7.6.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.s390x", }, product_reference: "dnsmasq-2.78-7.6.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-7.6.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.x86_64", }, product_reference: "dnsmasq-2.78-7.6.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, ], }, vulnerabilities: [ { cve: "CVE-2020-25681", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25681", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to cause a buffer overflow with arbitrary data in a heap memory segment, possibly executing code on the machine. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25681", url: "https://www.suse.com/security/cve/CVE-2020-25681", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25681", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:11:16Z", details: "important", }, ], title: "CVE-2020-25681", }, { cve: "CVE-2020-25682", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25682", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before 2.83. A buffer overflow vulnerability was discovered in the way dnsmasq extract names from DNS packets before validating them with DNSSEC data. An attacker on the network, who can create valid DNS replies, could use this flaw to cause an overflow with arbitrary data in a heap-allocated memory, possibly executing code on the machine. The flaw is in the rfc1035.c:extract_name() function, which writes data to the memory pointed by name assuming MAXDNAME*2 bytes are available in the buffer. However, in some code execution paths, it is possible extract_name() gets passed an offset from the base buffer, thus reducing, in practice, the number of available bytes that can be written in the buffer. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25682", url: "https://www.suse.com/security/cve/CVE-2020-25682", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25682", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:11:16Z", details: "important", }, ], title: "CVE-2020-25682", }, { cve: "CVE-2020-25683", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25683", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in get_rdata() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25683", url: "https://www.suse.com/security/cve/CVE-2020-25683", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25683", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:11:16Z", details: "important", }, ], title: "CVE-2020-25683", }, { cve: "CVE-2020-25684", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25684", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25684", url: "https://www.suse.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25684", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:11:16Z", details: "important", }, ], title: "CVE-2020-25684", }, { cve: "CVE-2020-25685", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25685", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25685", url: "https://www.suse.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25685", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:11:16Z", details: "important", }, ], title: "CVE-2020-25685", }, { cve: "CVE-2020-25686", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25686", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25686", url: "https://www.suse.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25686", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:11:16Z", details: "important", }, ], title: "CVE-2020-25686", }, { cve: "CVE-2020-25687", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25687", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. This flaw allows a remote attacker, who can create valid DNS replies, to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in sort_rrset() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25687", url: "https://www.suse.com/security/cve/CVE-2020-25687", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25687", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.6.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:dnsmasq-2.78-7.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:11:16Z", details: "important", }, ], title: "CVE-2020-25687", }, ], }
suse-su-2021:14603-1
Vulnerability from csaf_suse
Published
2021-01-19 11:11
Modified
2021-01-19 11:11
Summary
Security update for dnsmasq
Notes
Title of the patch
Security update for dnsmasq
Description of the patch
This update for dnsmasq fixes the following issues:
- CVE-2019-14834: Fixed a memory leak which could have allowed to remote attackers
to cause denial of service via DHCP response creation (bsc#1154849)
- bsc#1177077: Fixed DNSpooq vulnerabilities
- CVE-2020-25684, CVE-2020-25685, CVE-2020-25686:
Fixed multiple Cache poisoning attacks.
- CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687:
Fixed multiple potential Heap-based overflows when DNSSEC is
enabled.
- Retry query to other servers on receipt of SERVFAIL rcode
(bsc#1176076)
Patchnames
slessp4-dnsmasq-14603
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for dnsmasq", title: "Title of the patch", }, { category: "description", text: "This update for dnsmasq fixes the following issues:\n\n- CVE-2019-14834: Fixed a memory leak which could have allowed to remote attackers \n to cause denial of service via DHCP response creation (bsc#1154849)\n- bsc#1177077: Fixed DNSpooq vulnerabilities\n- CVE-2020-25684, CVE-2020-25685, CVE-2020-25686:\n Fixed multiple Cache poisoning attacks.\n- CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687:\n Fixed multiple potential Heap-based overflows when DNSSEC is\n enabled.\n- Retry query to other servers on receipt of SERVFAIL rcode\n (bsc#1176076)\n", title: "Description of the patch", }, { category: "details", text: "slessp4-dnsmasq-14603", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_14603-1.json", }, { category: "self", summary: "URL for SUSE-SU-2021:14603-1", url: "https://www.suse.com/support/update/announcement/2021/suse-su-202114603-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2021:14603-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-January/008224.html", }, { category: "self", summary: "SUSE Bug 1154849", url: "https://bugzilla.suse.com/1154849", }, { category: "self", summary: "SUSE Bug 1176076", url: "https://bugzilla.suse.com/1176076", }, { category: "self", summary: "SUSE Bug 1177077", url: "https://bugzilla.suse.com/1177077", }, { category: "self", summary: "SUSE CVE CVE-2019-14834 page", url: "https://www.suse.com/security/cve/CVE-2019-14834/", }, { category: "self", summary: "SUSE CVE CVE-2020-25681 page", url: "https://www.suse.com/security/cve/CVE-2020-25681/", }, { category: "self", summary: "SUSE CVE CVE-2020-25682 page", url: "https://www.suse.com/security/cve/CVE-2020-25682/", }, { category: "self", summary: "SUSE CVE CVE-2020-25683 page", url: "https://www.suse.com/security/cve/CVE-2020-25683/", }, { category: "self", summary: "SUSE CVE CVE-2020-25684 page", url: "https://www.suse.com/security/cve/CVE-2020-25684/", }, { category: "self", summary: "SUSE CVE CVE-2020-25685 page", url: "https://www.suse.com/security/cve/CVE-2020-25685/", }, { category: "self", summary: "SUSE CVE CVE-2020-25686 page", url: "https://www.suse.com/security/cve/CVE-2020-25686/", }, { category: "self", summary: "SUSE CVE CVE-2020-25687 page", url: "https://www.suse.com/security/cve/CVE-2020-25687/", }, ], title: "Security update for dnsmasq", tracking: { current_release_date: "2021-01-19T11:11:40Z", generator: { date: "2021-01-19T11:11:40Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2021:14603-1", initial_release_date: "2021-01-19T11:11:40Z", revision_history: [ { date: "2021-01-19T11:11:40Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "dnsmasq-2.78-0.17.15.1.i586", product: { name: "dnsmasq-2.78-0.17.15.1.i586", product_id: "dnsmasq-2.78-0.17.15.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "dnsmasq-2.78-0.17.15.1.ppc64", product: { name: "dnsmasq-2.78-0.17.15.1.ppc64", product_id: "dnsmasq-2.78-0.17.15.1.ppc64", }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "dnsmasq-2.78-0.17.15.1.s390x", product: { name: "dnsmasq-2.78-0.17.15.1.s390x", product_id: "dnsmasq-2.78-0.17.15.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "dnsmasq-2.78-0.17.15.1.x86_64", product: { name: "dnsmasq-2.78-0.17.15.1.x86_64", product_id: "dnsmasq-2.78-0.17.15.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Server 11 SP4-LTSS", product: { name: "SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:suse_sles:11:sp4", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-0.17.15.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.i586", }, product_reference: "dnsmasq-2.78-0.17.15.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-0.17.15.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.ppc64", }, product_reference: "dnsmasq-2.78-0.17.15.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-0.17.15.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.s390x", }, product_reference: "dnsmasq-2.78-0.17.15.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-0.17.15.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.x86_64", }, product_reference: "dnsmasq-2.78-0.17.15.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, ], }, vulnerabilities: [ { cve: "CVE-2019-14834", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14834", }, ], notes: [ { category: "general", text: "A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers to cause a denial of service (memory consumption) via vectors involving DHCP response creation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14834", url: "https://www.suse.com/security/cve/CVE-2019-14834", }, { category: "external", summary: "SUSE Bug 1154849 for CVE-2019-14834", url: "https://bugzilla.suse.com/1154849", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:11:40Z", details: "moderate", }, ], title: "CVE-2019-14834", }, { cve: "CVE-2020-25681", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25681", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to cause a buffer overflow with arbitrary data in a heap memory segment, possibly executing code on the machine. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25681", url: "https://www.suse.com/security/cve/CVE-2020-25681", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25681", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:11:40Z", details: "important", }, ], title: "CVE-2020-25681", }, { cve: "CVE-2020-25682", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25682", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before 2.83. A buffer overflow vulnerability was discovered in the way dnsmasq extract names from DNS packets before validating them with DNSSEC data. An attacker on the network, who can create valid DNS replies, could use this flaw to cause an overflow with arbitrary data in a heap-allocated memory, possibly executing code on the machine. The flaw is in the rfc1035.c:extract_name() function, which writes data to the memory pointed by name assuming MAXDNAME*2 bytes are available in the buffer. However, in some code execution paths, it is possible extract_name() gets passed an offset from the base buffer, thus reducing, in practice, the number of available bytes that can be written in the buffer. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25682", url: "https://www.suse.com/security/cve/CVE-2020-25682", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25682", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:11:40Z", details: "important", }, ], title: "CVE-2020-25682", }, { cve: "CVE-2020-25683", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25683", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in get_rdata() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25683", url: "https://www.suse.com/security/cve/CVE-2020-25683", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25683", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:11:40Z", details: "important", }, ], title: "CVE-2020-25683", }, { cve: "CVE-2020-25684", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25684", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25684", url: "https://www.suse.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25684", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:11:40Z", details: "important", }, ], title: "CVE-2020-25684", }, { cve: "CVE-2020-25685", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25685", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25685", url: "https://www.suse.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25685", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:11:40Z", details: "important", }, ], title: "CVE-2020-25685", }, { cve: "CVE-2020-25686", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25686", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25686", url: "https://www.suse.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25686", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:11:40Z", details: "important", }, ], title: "CVE-2020-25686", }, { cve: "CVE-2020-25687", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25687", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. This flaw allows a remote attacker, who can create valid DNS replies, to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in sort_rrset() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25687", url: "https://www.suse.com/security/cve/CVE-2020-25687", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25687", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:dnsmasq-2.78-0.17.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:11:40Z", details: "important", }, ], title: "CVE-2020-25687", }, ], }
suse-su-2021:0166-1
Vulnerability from csaf_suse
Published
2021-01-19 11:13
Modified
2021-01-19 11:13
Summary
Security update for dnsmasq
Notes
Title of the patch
Security update for dnsmasq
Description of the patch
This update for dnsmasq fixes the following issues:
- bsc#1177077: Fixed DNSpooq vulnerabilities
- CVE-2020-25684, CVE-2020-25685, CVE-2020-25686:
Fixed multiple Cache Poisoning attacks.
- CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687:
Fixed multiple potential Heap-based overflows when DNSSEC is
enabled.
- Retry query to other servers on receipt of SERVFAIL rcode
(bsc#1176076)
Patchnames
HPE-Helion-OpenStack-8-2021-166,SUSE-2021-166,SUSE-OpenStack-Cloud-7-2021-166,SUSE-OpenStack-Cloud-8-2021-166,SUSE-OpenStack-Cloud-9-2021-166,SUSE-OpenStack-Cloud-Crowbar-8-2021-166,SUSE-OpenStack-Cloud-Crowbar-9-2021-166,SUSE-SLE-SAP-12-SP2-2021-166,SUSE-SLE-SAP-12-SP3-2021-166,SUSE-SLE-SAP-12-SP4-2021-166,SUSE-SLE-SERVER-12-SP2-2021-166,SUSE-SLE-SERVER-12-SP2-BCL-2021-166,SUSE-SLE-SERVER-12-SP3-2021-166,SUSE-SLE-SERVER-12-SP3-BCL-2021-166,SUSE-SLE-SERVER-12-SP4-LTSS-2021-166,SUSE-SLE-SERVER-12-SP5-2021-166,SUSE-Storage-5-2021-166
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for dnsmasq", title: "Title of the patch", }, { category: "description", text: "This update for dnsmasq fixes the following issues:\n\n- bsc#1177077: Fixed DNSpooq vulnerabilities\n- CVE-2020-25684, CVE-2020-25685, CVE-2020-25686:\n Fixed multiple Cache Poisoning attacks.\n- CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687:\n Fixed multiple potential Heap-based overflows when DNSSEC is\n enabled.\n\n- Retry query to other servers on receipt of SERVFAIL rcode\n (bsc#1176076)\n", title: "Description of the patch", }, { category: "details", text: "HPE-Helion-OpenStack-8-2021-166,SUSE-2021-166,SUSE-OpenStack-Cloud-7-2021-166,SUSE-OpenStack-Cloud-8-2021-166,SUSE-OpenStack-Cloud-9-2021-166,SUSE-OpenStack-Cloud-Crowbar-8-2021-166,SUSE-OpenStack-Cloud-Crowbar-9-2021-166,SUSE-SLE-SAP-12-SP2-2021-166,SUSE-SLE-SAP-12-SP3-2021-166,SUSE-SLE-SAP-12-SP4-2021-166,SUSE-SLE-SERVER-12-SP2-2021-166,SUSE-SLE-SERVER-12-SP2-BCL-2021-166,SUSE-SLE-SERVER-12-SP3-2021-166,SUSE-SLE-SERVER-12-SP3-BCL-2021-166,SUSE-SLE-SERVER-12-SP4-LTSS-2021-166,SUSE-SLE-SERVER-12-SP5-2021-166,SUSE-Storage-5-2021-166", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_0166-1.json", }, { category: "self", summary: "URL for SUSE-SU-2021:0166-1", url: "https://www.suse.com/support/update/announcement/2021/suse-su-20210166-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2021:0166-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-January/008223.html", }, { category: "self", summary: "SUSE Bug 1176076", url: "https://bugzilla.suse.com/1176076", }, { category: "self", summary: "SUSE Bug 1177077", url: "https://bugzilla.suse.com/1177077", }, { category: "self", summary: "SUSE CVE CVE-2020-25681 page", url: "https://www.suse.com/security/cve/CVE-2020-25681/", }, { category: "self", summary: "SUSE CVE CVE-2020-25682 page", url: "https://www.suse.com/security/cve/CVE-2020-25682/", }, { category: "self", summary: "SUSE CVE CVE-2020-25683 page", url: "https://www.suse.com/security/cve/CVE-2020-25683/", }, { category: "self", summary: "SUSE CVE CVE-2020-25684 page", url: "https://www.suse.com/security/cve/CVE-2020-25684/", }, { category: "self", summary: "SUSE CVE CVE-2020-25685 page", url: "https://www.suse.com/security/cve/CVE-2020-25685/", }, { category: "self", summary: "SUSE CVE CVE-2020-25686 page", url: "https://www.suse.com/security/cve/CVE-2020-25686/", }, { category: "self", summary: "SUSE CVE CVE-2020-25687 page", url: "https://www.suse.com/security/cve/CVE-2020-25687/", }, ], title: "Security update for dnsmasq", tracking: { current_release_date: "2021-01-19T11:13:16Z", generator: { date: "2021-01-19T11:13:16Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2021:0166-1", initial_release_date: "2021-01-19T11:13:16Z", revision_history: [ { date: "2021-01-19T11:13:16Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "dnsmasq-2.78-18.15.1.aarch64", product: { name: "dnsmasq-2.78-18.15.1.aarch64", product_id: "dnsmasq-2.78-18.15.1.aarch64", }, }, { category: "product_version", name: "dnsmasq-utils-2.78-18.15.1.aarch64", product: { name: "dnsmasq-utils-2.78-18.15.1.aarch64", product_id: "dnsmasq-utils-2.78-18.15.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "dnsmasq-2.78-18.15.1.i586", product: { name: "dnsmasq-2.78-18.15.1.i586", product_id: "dnsmasq-2.78-18.15.1.i586", }, }, { category: "product_version", name: "dnsmasq-utils-2.78-18.15.1.i586", product: { name: "dnsmasq-utils-2.78-18.15.1.i586", product_id: "dnsmasq-utils-2.78-18.15.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "dnsmasq-2.78-18.15.1.ppc64le", product: { name: "dnsmasq-2.78-18.15.1.ppc64le", product_id: "dnsmasq-2.78-18.15.1.ppc64le", }, }, { category: "product_version", name: "dnsmasq-utils-2.78-18.15.1.ppc64le", product: { name: "dnsmasq-utils-2.78-18.15.1.ppc64le", product_id: "dnsmasq-utils-2.78-18.15.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "dnsmasq-2.78-18.15.1.s390", product: { name: "dnsmasq-2.78-18.15.1.s390", product_id: "dnsmasq-2.78-18.15.1.s390", }, }, { category: "product_version", name: "dnsmasq-utils-2.78-18.15.1.s390", product: { name: "dnsmasq-utils-2.78-18.15.1.s390", product_id: "dnsmasq-utils-2.78-18.15.1.s390", }, }, ], category: "architecture", name: "s390", }, { branches: [ { category: "product_version", name: "dnsmasq-2.78-18.15.1.s390x", product: { name: "dnsmasq-2.78-18.15.1.s390x", product_id: "dnsmasq-2.78-18.15.1.s390x", }, }, { category: "product_version", name: "dnsmasq-utils-2.78-18.15.1.s390x", product: { name: "dnsmasq-utils-2.78-18.15.1.s390x", product_id: "dnsmasq-utils-2.78-18.15.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "dnsmasq-2.78-18.15.1.x86_64", product: { name: "dnsmasq-2.78-18.15.1.x86_64", product_id: "dnsmasq-2.78-18.15.1.x86_64", }, }, { category: "product_version", name: "dnsmasq-utils-2.78-18.15.1.x86_64", product: { name: "dnsmasq-utils-2.78-18.15.1.x86_64", product_id: "dnsmasq-utils-2.78-18.15.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "HPE Helion OpenStack 8", product: { name: "HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8", product_identification_helper: { cpe: "cpe:/o:suse:hpe-helion-openstack:8", }, }, }, { category: "product_name", name: "SUSE OpenStack Cloud 7", product: { name: "SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud:7", }, }, }, { category: "product_name", name: "SUSE OpenStack Cloud 8", product: { name: "SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud:8", }, }, }, { category: "product_name", name: "SUSE OpenStack Cloud 9", product: { name: "SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud:9", }, }, }, { category: "product_name", name: "SUSE OpenStack Cloud Crowbar 8", product: { name: "SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud-crowbar:8", }, }, }, { category: "product_name", name: "SUSE OpenStack Cloud Crowbar 9", product: { name: "SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud-crowbar:9", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP2-LTSS", product: { name: "SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP2-BCL", product: { name: "SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL", product_identification_helper: { cpe: "cpe:/o:suse:sles-bcl:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP3-LTSS", product: { name: "SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP3-BCL", product: { name: "SUSE Linux Enterprise Server 12 SP3-BCL", product_id: "SUSE Linux Enterprise Server 12 SP3-BCL", product_identification_helper: { cpe: "cpe:/o:suse:sles-bcl:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP4-LTSS", product: { name: "SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:12:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP5", product: { name: "SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5", product_identification_helper: { cpe: "cpe:/o:suse:sles:12:sp5", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp5", }, }, }, { category: "product_name", name: "SUSE Enterprise Storage 5", product: { name: "SUSE Enterprise Storage 5", product_id: "SUSE Enterprise Storage 5", product_identification_helper: { cpe: "cpe:/o:suse:ses:5", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.x86_64 as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:dnsmasq-2.78-18.15.1.x86_64", }, product_reference: "dnsmasq-2.78-18.15.1.x86_64", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-2.78-18.15.1.x86_64 as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:dnsmasq-utils-2.78-18.15.1.x86_64", }, product_reference: "dnsmasq-utils-2.78-18.15.1.x86_64", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.s390x as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.s390x", }, product_reference: "dnsmasq-2.78-18.15.1.s390x", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.x86_64", }, product_reference: "dnsmasq-2.78-18.15.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-2.78-18.15.1.aarch64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.aarch64", }, product_reference: "dnsmasq-utils-2.78-18.15.1.aarch64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-2.78-18.15.1.s390x as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.s390x", }, product_reference: "dnsmasq-utils-2.78-18.15.1.s390x", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-2.78-18.15.1.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.x86_64", }, product_reference: "dnsmasq-utils-2.78-18.15.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.x86_64 as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:dnsmasq-2.78-18.15.1.x86_64", }, product_reference: "dnsmasq-2.78-18.15.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-2.78-18.15.1.x86_64 as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:dnsmasq-utils-2.78-18.15.1.x86_64", }, product_reference: "dnsmasq-utils-2.78-18.15.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.x86_64 as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:dnsmasq-2.78-18.15.1.x86_64", }, product_reference: "dnsmasq-2.78-18.15.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-2.78-18.15.1.x86_64 as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:dnsmasq-utils-2.78-18.15.1.x86_64", }, product_reference: "dnsmasq-utils-2.78-18.15.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:dnsmasq-2.78-18.15.1.x86_64", }, product_reference: "dnsmasq-2.78-18.15.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-2.78-18.15.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:dnsmasq-utils-2.78-18.15.1.x86_64", }, product_reference: "dnsmasq-utils-2.78-18.15.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:dnsmasq-2.78-18.15.1.x86_64", }, product_reference: "dnsmasq-2.78-18.15.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-2.78-18.15.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:dnsmasq-utils-2.78-18.15.1.x86_64", }, product_reference: "dnsmasq-utils-2.78-18.15.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.ppc64le", }, product_reference: "dnsmasq-2.78-18.15.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.x86_64", }, product_reference: "dnsmasq-2.78-18.15.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.ppc64le", }, product_reference: "dnsmasq-2.78-18.15.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.x86_64", }, product_reference: "dnsmasq-2.78-18.15.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.ppc64le", }, product_reference: "dnsmasq-2.78-18.15.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.x86_64", }, product_reference: "dnsmasq-2.78-18.15.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.ppc64le", }, product_reference: "dnsmasq-2.78-18.15.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.s390x", }, product_reference: "dnsmasq-2.78-18.15.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.x86_64", }, product_reference: "dnsmasq-2.78-18.15.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:dnsmasq-2.78-18.15.1.x86_64", }, product_reference: "dnsmasq-2.78-18.15.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.aarch64", }, product_reference: "dnsmasq-2.78-18.15.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.ppc64le", }, product_reference: "dnsmasq-2.78-18.15.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.s390x as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.s390x", }, product_reference: "dnsmasq-2.78-18.15.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.x86_64", }, product_reference: "dnsmasq-2.78-18.15.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL", product_id: "SUSE Linux Enterprise Server 12 SP3-BCL:dnsmasq-2.78-18.15.1.x86_64", }, product_reference: "dnsmasq-2.78-18.15.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-BCL", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.aarch64", }, product_reference: "dnsmasq-2.78-18.15.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.ppc64le", }, product_reference: "dnsmasq-2.78-18.15.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.s390x", }, product_reference: "dnsmasq-2.78-18.15.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.x86_64", }, product_reference: "dnsmasq-2.78-18.15.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.aarch64", }, product_reference: "dnsmasq-2.78-18.15.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", }, product_reference: "dnsmasq-2.78-18.15.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.s390x as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.s390x", }, product_reference: "dnsmasq-2.78-18.15.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.x86_64", }, product_reference: "dnsmasq-2.78-18.15.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.aarch64", }, product_reference: "dnsmasq-2.78-18.15.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", }, product_reference: "dnsmasq-2.78-18.15.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.s390x", }, product_reference: "dnsmasq-2.78-18.15.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.x86_64", }, product_reference: "dnsmasq-2.78-18.15.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.aarch64 as component of SUSE Enterprise Storage 5", product_id: "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.aarch64", }, product_reference: "dnsmasq-2.78-18.15.1.aarch64", relates_to_product_reference: "SUSE Enterprise Storage 5", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-18.15.1.x86_64 as component of SUSE Enterprise Storage 5", product_id: "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.x86_64", }, product_reference: "dnsmasq-2.78-18.15.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 5", }, ], }, vulnerabilities: [ { cve: "CVE-2020-25681", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25681", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to cause a buffer overflow with arbitrary data in a heap memory segment, possibly executing code on the machine. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:dnsmasq-2.78-18.15.1.x86_64", "HPE Helion OpenStack 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.aarch64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-utils-2.78-18.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25681", url: "https://www.suse.com/security/cve/CVE-2020-25681", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25681", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:dnsmasq-2.78-18.15.1.x86_64", "HPE Helion OpenStack 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.aarch64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-utils-2.78-18.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:dnsmasq-2.78-18.15.1.x86_64", "HPE Helion OpenStack 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.aarch64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-utils-2.78-18.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:13:16Z", details: "important", }, ], title: "CVE-2020-25681", }, { cve: "CVE-2020-25682", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25682", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before 2.83. A buffer overflow vulnerability was discovered in the way dnsmasq extract names from DNS packets before validating them with DNSSEC data. An attacker on the network, who can create valid DNS replies, could use this flaw to cause an overflow with arbitrary data in a heap-allocated memory, possibly executing code on the machine. The flaw is in the rfc1035.c:extract_name() function, which writes data to the memory pointed by name assuming MAXDNAME*2 bytes are available in the buffer. However, in some code execution paths, it is possible extract_name() gets passed an offset from the base buffer, thus reducing, in practice, the number of available bytes that can be written in the buffer. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:dnsmasq-2.78-18.15.1.x86_64", "HPE Helion OpenStack 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.aarch64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-utils-2.78-18.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25682", url: "https://www.suse.com/security/cve/CVE-2020-25682", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25682", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:dnsmasq-2.78-18.15.1.x86_64", "HPE Helion OpenStack 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.aarch64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-utils-2.78-18.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:dnsmasq-2.78-18.15.1.x86_64", "HPE Helion OpenStack 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.aarch64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-utils-2.78-18.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:13:16Z", details: "important", }, ], title: "CVE-2020-25682", }, { cve: "CVE-2020-25683", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25683", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in get_rdata() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:dnsmasq-2.78-18.15.1.x86_64", "HPE Helion OpenStack 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.aarch64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-utils-2.78-18.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25683", url: "https://www.suse.com/security/cve/CVE-2020-25683", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25683", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:dnsmasq-2.78-18.15.1.x86_64", "HPE Helion OpenStack 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.aarch64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-utils-2.78-18.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:dnsmasq-2.78-18.15.1.x86_64", "HPE Helion OpenStack 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.aarch64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-utils-2.78-18.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:13:16Z", details: "important", }, ], title: "CVE-2020-25683", }, { cve: "CVE-2020-25684", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25684", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:dnsmasq-2.78-18.15.1.x86_64", "HPE Helion OpenStack 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.aarch64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-utils-2.78-18.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25684", url: "https://www.suse.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25684", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:dnsmasq-2.78-18.15.1.x86_64", "HPE Helion OpenStack 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.aarch64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-utils-2.78-18.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:dnsmasq-2.78-18.15.1.x86_64", "HPE Helion OpenStack 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.aarch64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-utils-2.78-18.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:13:16Z", details: "important", }, ], title: "CVE-2020-25684", }, { cve: "CVE-2020-25685", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25685", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:dnsmasq-2.78-18.15.1.x86_64", "HPE Helion OpenStack 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.aarch64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-utils-2.78-18.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25685", url: "https://www.suse.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25685", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:dnsmasq-2.78-18.15.1.x86_64", "HPE Helion OpenStack 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.aarch64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-utils-2.78-18.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:dnsmasq-2.78-18.15.1.x86_64", "HPE Helion OpenStack 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.aarch64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-utils-2.78-18.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:13:16Z", details: "important", }, ], title: "CVE-2020-25685", }, { cve: "CVE-2020-25686", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25686", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:dnsmasq-2.78-18.15.1.x86_64", "HPE Helion OpenStack 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.aarch64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-utils-2.78-18.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25686", url: "https://www.suse.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25686", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:dnsmasq-2.78-18.15.1.x86_64", "HPE Helion OpenStack 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.aarch64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-utils-2.78-18.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:dnsmasq-2.78-18.15.1.x86_64", "HPE Helion OpenStack 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.aarch64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-utils-2.78-18.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:13:16Z", details: "important", }, ], title: "CVE-2020-25686", }, { cve: "CVE-2020-25687", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25687", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. This flaw allows a remote attacker, who can create valid DNS replies, to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in sort_rrset() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:dnsmasq-2.78-18.15.1.x86_64", "HPE Helion OpenStack 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.aarch64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-utils-2.78-18.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25687", url: "https://www.suse.com/security/cve/CVE-2020-25687", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25687", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:dnsmasq-2.78-18.15.1.x86_64", "HPE Helion OpenStack 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.aarch64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-utils-2.78-18.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:dnsmasq-2.78-18.15.1.x86_64", "HPE Helion OpenStack 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Enterprise Storage 5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:dnsmasq-2.78-18.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.aarch64", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.s390x", "SUSE OpenStack Cloud 7:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud 9:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:dnsmasq-utils-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-2.78-18.15.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:dnsmasq-utils-2.78-18.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:13:16Z", details: "important", }, ], title: "CVE-2020-25687", }, ], }
suse-su-2021:0162-1
Vulnerability from csaf_suse
Published
2021-01-19 11:08
Modified
2021-01-19 11:08
Summary
Security update for dnsmasq
Notes
Title of the patch
Security update for dnsmasq
Description of the patch
This update for dnsmasq fixes the following issues:
- bsc#1177077: Fixed DNSpooq vulnerabilities
- CVE-2020-25684, CVE-2020-25685, CVE-2020-25686:
Fixed multiple Cache Poisoning attacks.
- CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687:
Fixed multiple potential Heap-based overflows when DNSSEC is
enabled.
- Retry query to other servers on receipt of SERVFAIL rcode
(bsc#1176076)
Patchnames
SUSE-2021-162,SUSE-SLE-Product-HPC-15-2021-162,SUSE-SLE-Product-SLES-15-2021-162,SUSE-SLE-Product-SLES_SAP-15-2021-162
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for dnsmasq", title: "Title of the patch", }, { category: "description", text: "This update for dnsmasq fixes the following issues:\n\n- bsc#1177077: Fixed DNSpooq vulnerabilities\n- CVE-2020-25684, CVE-2020-25685, CVE-2020-25686:\n Fixed multiple Cache Poisoning attacks.\n- CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687:\n Fixed multiple potential Heap-based overflows when DNSSEC is\n enabled.\n- Retry query to other servers on receipt of SERVFAIL rcode\n (bsc#1176076)\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2021-162,SUSE-SLE-Product-HPC-15-2021-162,SUSE-SLE-Product-SLES-15-2021-162,SUSE-SLE-Product-SLES_SAP-15-2021-162", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_0162-1.json", }, { category: "self", summary: "URL for SUSE-SU-2021:0162-1", url: "https://www.suse.com/support/update/announcement/2021/suse-su-20210162-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2021:0162-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-January/008225.html", }, { category: "self", summary: "SUSE Bug 1176076", url: "https://bugzilla.suse.com/1176076", }, { category: "self", summary: "SUSE Bug 1177077", url: "https://bugzilla.suse.com/1177077", }, { category: "self", summary: "SUSE CVE CVE-2020-25681 page", url: "https://www.suse.com/security/cve/CVE-2020-25681/", }, { category: "self", summary: "SUSE CVE CVE-2020-25682 page", url: "https://www.suse.com/security/cve/CVE-2020-25682/", }, { category: "self", summary: "SUSE CVE CVE-2020-25683 page", url: "https://www.suse.com/security/cve/CVE-2020-25683/", }, { category: "self", summary: "SUSE CVE CVE-2020-25684 page", url: "https://www.suse.com/security/cve/CVE-2020-25684/", }, { category: "self", summary: "SUSE CVE CVE-2020-25685 page", url: "https://www.suse.com/security/cve/CVE-2020-25685/", }, { category: "self", summary: "SUSE CVE CVE-2020-25686 page", url: "https://www.suse.com/security/cve/CVE-2020-25686/", }, { category: "self", summary: "SUSE CVE CVE-2020-25687 page", url: "https://www.suse.com/security/cve/CVE-2020-25687/", }, ], title: "Security update for dnsmasq", tracking: { current_release_date: "2021-01-19T11:08:30Z", generator: { date: "2021-01-19T11:08:30Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2021:0162-1", initial_release_date: "2021-01-19T11:08:30Z", revision_history: [ { date: "2021-01-19T11:08:30Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "dnsmasq-2.78-3.11.1.aarch64", product: { name: "dnsmasq-2.78-3.11.1.aarch64", product_id: "dnsmasq-2.78-3.11.1.aarch64", }, }, { category: "product_version", name: "dnsmasq-utils-2.78-3.11.1.aarch64", product: { name: "dnsmasq-utils-2.78-3.11.1.aarch64", product_id: "dnsmasq-utils-2.78-3.11.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "dnsmasq-2.78-3.11.1.i586", product: { name: "dnsmasq-2.78-3.11.1.i586", product_id: "dnsmasq-2.78-3.11.1.i586", }, }, { category: "product_version", name: "dnsmasq-utils-2.78-3.11.1.i586", product: { name: "dnsmasq-utils-2.78-3.11.1.i586", product_id: "dnsmasq-utils-2.78-3.11.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "dnsmasq-2.78-3.11.1.ppc64le", product: { name: "dnsmasq-2.78-3.11.1.ppc64le", product_id: "dnsmasq-2.78-3.11.1.ppc64le", }, }, { category: "product_version", name: "dnsmasq-utils-2.78-3.11.1.ppc64le", product: { name: "dnsmasq-utils-2.78-3.11.1.ppc64le", product_id: "dnsmasq-utils-2.78-3.11.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "dnsmasq-2.78-3.11.1.s390x", product: { name: "dnsmasq-2.78-3.11.1.s390x", product_id: "dnsmasq-2.78-3.11.1.s390x", }, }, { category: "product_version", name: "dnsmasq-utils-2.78-3.11.1.s390x", product: { name: "dnsmasq-utils-2.78-3.11.1.s390x", product_id: "dnsmasq-utils-2.78-3.11.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "dnsmasq-2.78-3.11.1.x86_64", product: { name: "dnsmasq-2.78-3.11.1.x86_64", product_id: "dnsmasq-2.78-3.11.1.x86_64", }, }, { category: "product_version", name: "dnsmasq-utils-2.78-3.11.1.x86_64", product: { name: "dnsmasq-utils-2.78-3.11.1.x86_64", product_id: "dnsmasq-utils-2.78-3.11.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", product: { name: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_identification_helper: { cpe: "cpe:/o:suse:sle_hpc-espos:15", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Performance Computing 15-LTSS", product: { name: "SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sle_hpc-ltss:15", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 15-LTSS", product: { name: "SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:15", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 15", product: { name: "SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:15", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-3.11.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.aarch64", }, product_reference: "dnsmasq-2.78-3.11.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-3.11.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.x86_64", }, product_reference: "dnsmasq-2.78-3.11.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-3.11.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", }, product_reference: "dnsmasq-2.78-3.11.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-3.11.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", }, product_reference: "dnsmasq-2.78-3.11.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-3.11.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", }, product_reference: "dnsmasq-2.78-3.11.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-3.11.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.ppc64le", }, product_reference: "dnsmasq-2.78-3.11.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-3.11.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.s390x", }, product_reference: "dnsmasq-2.78-3.11.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-3.11.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", }, product_reference: "dnsmasq-2.78-3.11.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-3.11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.ppc64le", }, product_reference: "dnsmasq-2.78-3.11.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-3.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.x86_64", }, product_reference: "dnsmasq-2.78-3.11.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, ], }, vulnerabilities: [ { cve: "CVE-2020-25681", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25681", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to cause a buffer overflow with arbitrary data in a heap memory segment, possibly executing code on the machine. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25681", url: "https://www.suse.com/security/cve/CVE-2020-25681", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25681", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:08:30Z", details: "important", }, ], title: "CVE-2020-25681", }, { cve: "CVE-2020-25682", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25682", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before 2.83. A buffer overflow vulnerability was discovered in the way dnsmasq extract names from DNS packets before validating them with DNSSEC data. An attacker on the network, who can create valid DNS replies, could use this flaw to cause an overflow with arbitrary data in a heap-allocated memory, possibly executing code on the machine. The flaw is in the rfc1035.c:extract_name() function, which writes data to the memory pointed by name assuming MAXDNAME*2 bytes are available in the buffer. However, in some code execution paths, it is possible extract_name() gets passed an offset from the base buffer, thus reducing, in practice, the number of available bytes that can be written in the buffer. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25682", url: "https://www.suse.com/security/cve/CVE-2020-25682", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25682", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:08:30Z", details: "important", }, ], title: "CVE-2020-25682", }, { cve: "CVE-2020-25683", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25683", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in get_rdata() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25683", url: "https://www.suse.com/security/cve/CVE-2020-25683", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25683", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:08:30Z", details: "important", }, ], title: "CVE-2020-25683", }, { cve: "CVE-2020-25684", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25684", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25684", url: "https://www.suse.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25684", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:08:30Z", details: "important", }, ], title: "CVE-2020-25684", }, { cve: "CVE-2020-25685", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25685", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25685", url: "https://www.suse.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25685", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:08:30Z", details: "important", }, ], title: "CVE-2020-25685", }, { cve: "CVE-2020-25686", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25686", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25686", url: "https://www.suse.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25686", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:08:30Z", details: "important", }, ], title: "CVE-2020-25686", }, { cve: "CVE-2020-25687", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25687", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. This flaw allows a remote attacker, who can create valid DNS replies, to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in sort_rrset() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25687", url: "https://www.suse.com/security/cve/CVE-2020-25687", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25687", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:dnsmasq-2.78-3.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:dnsmasq-2.78-3.11.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-19T11:08:30Z", details: "important", }, ], title: "CVE-2020-25687", }, ], }
gsd-2020-25686
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the "Birthday Attacks" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.
Aliases
Aliases
{ GSD: { alias: "CVE-2020-25686", description: "A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", id: "GSD-2020-25686", references: [ "https://www.suse.com/security/cve/CVE-2020-25686.html", "https://www.debian.org/security/2021/dsa-4844", "https://access.redhat.com/errata/RHSA-2021:0401", "https://access.redhat.com/errata/RHSA-2021:0395", "https://access.redhat.com/errata/RHSA-2021:0245", "https://access.redhat.com/errata/RHSA-2021:0240", "https://access.redhat.com/errata/RHSA-2021:0156", "https://access.redhat.com/errata/RHSA-2021:0155", "https://access.redhat.com/errata/RHSA-2021:0154", "https://access.redhat.com/errata/RHSA-2021:0153", "https://access.redhat.com/errata/RHSA-2021:0152", "https://access.redhat.com/errata/RHSA-2021:0151", "https://access.redhat.com/errata/RHSA-2021:0150", "https://ubuntu.com/security/CVE-2020-25686", "https://advisories.mageia.org/CVE-2020-25686.html", "https://security.archlinux.org/CVE-2020-25686", "https://linux.oracle.com/cve/CVE-2020-25686.html", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2020-25686", ], details: "A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", id: "GSD-2020-25686", modified: "2023-12-13T01:21:57.445287Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2020-25686", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "dnsmasq", version: { version_data: [ { version_value: "dnsmasq 2.83", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-358", }, ], }, ], }, references: { reference_data: [ { name: "https://www.jsof-tech.com/disclosures/dnspooq/", refsource: "MISC", url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", refsource: "MISC", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { name: "FEDORA-2021-84440e87ba", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WYW3IR6APUSKOYKL5FT3ACTIHWHGQY32/", }, { name: "GLSA-202101-17", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202101-17", }, { name: "DSA-4844", refsource: "DEBIAN", url: "https://www.debian.org/security/2021/dsa-4844", }, { name: "FEDORA-2021-2e4c3d5a9d", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QGB7HL3OWHTLEPSMLDGOMXQKG3KM2QME/", }, { name: "https://www.arista.com/en/support/advisories-notices/security-advisories/12135-security-advisory-61", refsource: "MISC", url: "https://www.arista.com/en/support/advisories-notices/security-advisories/12135-security-advisory-61", }, ], }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.83", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "4.21.14m", versionStartIncluding: "4.21", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "4.22.9m", versionStartIncluding: "4.22", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "4.23.7m", versionStartIncluding: "4.23", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "4.24.5m", versionStartIncluding: "4.24", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "4.25.2f", versionStartIncluding: "4.25", vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2020-25686", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-358", }, ], }, ], }, references: { reference_data: [ { name: "https://www.jsof-tech.com/disclosures/dnspooq/", refsource: "MISC", tags: [ "Third Party Advisory", ], url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", refsource: "MISC", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { name: "FEDORA-2021-84440e87ba", refsource: "FEDORA", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WYW3IR6APUSKOYKL5FT3ACTIHWHGQY32/", }, { name: "GLSA-202101-17", refsource: "GENTOO", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202101-17", }, { name: "DSA-4844", refsource: "DEBIAN", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4844", }, { name: "FEDORA-2021-2e4c3d5a9d", refsource: "FEDORA", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QGB7HL3OWHTLEPSMLDGOMXQKG3KM2QME/", }, { name: "https://www.arista.com/en/support/advisories-notices/security-advisories/12135-security-advisory-61", refsource: "MISC", tags: [ "Third Party Advisory", ], url: "https://www.arista.com/en/support/advisories-notices/security-advisories/12135-security-advisory-61", }, ], }, }, impact: { baseMetricV2: { acInsufInfo: false, cvssV2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", userInteractionRequired: false, }, baseMetricV3: { cvssV3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.7, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 1.4, }, }, lastModifiedDate: "2022-02-14T15:29Z", publishedDate: "2021-01-20T17:15Z", }, }, }
fkie_cve-2020-25686
Vulnerability from fkie_nvd
Published
2021-01-20 17:15
Modified
2024-11-21 05:18
Severity ?
Summary
A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the "Birthday Attacks" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| thekelleys | dnsmasq | * | |
| fedoraproject | fedora | 32 | |
| fedoraproject | fedora | 33 | |
| debian | debian_linux | 10.0 | |
| arista | eos | * | |
| arista | eos | * | |
| arista | eos | * | |
| arista | eos | * | |
| arista | eos | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*", matchCriteriaId: "F38115DF-0F5C-442D-83D4-1125AAB4E2B7", versionEndExcluding: "2.83", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", matchCriteriaId: "2E5C0DA1-5E51-40F1-82FE-CF7E391C07E4", versionEndExcluding: "4.21.14m", versionStartIncluding: "4.21", vulnerable: true, }, { criteria: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", matchCriteriaId: "206E795F-BFE9-4AB9-A35F-60AC911F38E4", versionEndExcluding: "4.22.9m", versionStartIncluding: "4.22", vulnerable: true, }, { criteria: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", matchCriteriaId: "6FA15712-F804-4060-99C0-7370D6111B83", versionEndExcluding: "4.23.7m", versionStartIncluding: "4.23", vulnerable: true, }, { criteria: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", matchCriteriaId: "21A321F5-CB56-4258-BB30-6753EECB89DD", versionEndExcluding: "4.24.5m", versionStartIncluding: "4.24", vulnerable: true, }, { criteria: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", matchCriteriaId: "9445AF76-6AE4-46A6-A470-979ADBB19EE2", versionEndExcluding: "4.25.2f", versionStartIncluding: "4.25", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", }, { lang: "es", value: "Se encontró un fallo en dnsmasq versiones anteriores a 2.83. Al recibir una consulta, dnsmasq no comprueba si existe una petición pendiente existente para el mismo nombre y reenvía una nueva petición. Por defecto, se puede enviar un máximo de 150 consultas pendientes a los servidores aguas arriba, por lo que puede haber como máximo 150 consultas para el mismo nombre. Este fallo permite a un atacante fuera de ruta en la red reduzca sustancialmente el número de intentos que tendría que realizar para falsificar una respuesta y hacer que dnsmasq la acepte. Este problema se menciona en la sección \"Birthday Attacks\" de RFC5452. Si se encadenaba con CVE-2020-25684, se reduce la complejidad del ataque de un ataque con éxito. La mayor amenaza de esta vulnerabilidad es la integridad de los datos", }, ], id: "CVE-2020-25686", lastModified: "2024-11-21T05:18:28.027", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.7, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-01-20T17:15:13.000", references: [ { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QGB7HL3OWHTLEPSMLDGOMXQKG3KM2QME/", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WYW3IR6APUSKOYKL5FT3ACTIHWHGQY32/", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202101-17", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.arista.com/en/support/advisories-notices/security-advisories/12135-security-advisory-61", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4844", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QGB7HL3OWHTLEPSMLDGOMXQKG3KM2QME/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WYW3IR6APUSKOYKL5FT3ACTIHWHGQY32/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202101-17", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.arista.com/en/support/advisories-notices/security-advisories/12135-security-advisory-61", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4844", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-358", }, ], source: "secalert@redhat.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-290", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
cisco-sa-dnsmasq-dns-2021-c5mrdf3g
Vulnerability from csaf_cisco
Published
2021-01-19 12:15
Modified
2021-08-30 17:24
Summary
Multiple Vulnerabilities in dnsmasq DNS Forwarder Affecting Cisco Products: January 2021
Notes
Summary
A set of previously unknown vulnerabilities in the DNS forwarder implementation of dnsmasq were disclosed on January 19, 2021. The vulnerabilities are collectively known as DNSpooq.
Exploitation of these vulnerabilities could result in remote code execution or denial of service (DoS), or may allow an attacker to more easily forge DNS answers that can poison DNS caches, depending on the specific vulnerability.
Multiple Cisco products are affected by these vulnerabilities.
Cisco will release software updates that address these vulnerabilities. Any workarounds for a specific Cisco product or service will be documented in the relevant Cisco bugs, which are identified in the Vulnerable Products ["#vp"] section of this advisory.
Note: At the time of publication, no Cisco products were found to be affected by the remote code execution and DoS vulnerabilities, which are identified by the following Common Vulnerabilities and Exposures (CVE) IDs:
CVE-2020-25681
CVE-2020-25682
CVE-2020-25683
CVE-2020-25687
Affected Products
Cisco investigated its product line to determine which products may be affected by these vulnerabilities.
The Vulnerable Products ["#vp"] section includes Cisco bug IDs for each affected product or service. The bugs are accessible through the Cisco Bug Search Tool ["https://bst.cloudapps.cisco.com/bugsearch/bug/BUGID"] and contain additional platform-specific information, including workarounds (if available) and fixed software releases.
Any product or service not listed in Vulnerable Products ["#vp"] section of this advisory is to be considered not vulnerable.
Vulnerable Products
For information about which Cisco software releases are vulnerable, see the Fixed Software ["#fs"] section of this advisory.
At the time of this investigation, no Cisco products have been found to be affected by the remote code execution and DoS vulnerabilities.
Multiple Cisco products have been found to be susceptible to DNS cache poisoning attacks. The following table lists Cisco products that have been found to be susceptible to DNS cache poisoning attacks.
If a future release date is indicated for software, the date provided represents an estimate based on all information known to Cisco as of the Last Updated date at the top of the advisory. Availability dates are subject to change based on a number of factors, including satisfactory testing results and delivery of other priority features and fixes. If no version or date is listed for an affected component (indicated by a blank field and/or an advisory designation of Interim), Cisco is continuing to evaluate the fix and will update the advisory as additional information becomes available. After the advisory is marked Final, customers should refer to the associated Cisco bug(s) for further details.
Product Cisco Bug ID Fixed Release Availability Network Management and Provisioning Cisco Aironet 1560 Series Access Points CSCvv83754 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83754"] Wireless LAN Controller:
8.10.151.0
8.5.171.0
Catalyst 9800 Wireless Controller:
16.12.5
17.3.3
17.5.1 (Mar 2021) Cisco Aironet 1810 Series OfficeExtend Access Points CSCvv83754 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83754"] Wireless LAN Controller:
8.10.151.0
8.5.171.0
Catalyst 9800 Wireless Controller:
16.12.5
17.3.3
17.5.1 (Mar 2021) Cisco Aironet 1810w Series Access Points CSCvv83754 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83754"] Wireless LAN Controller:
8.10.151.0
8.5.171.0
Catalyst 9800 Wireless Controller:
16.12.5
17.3.3
17.5.1 (Mar 2021) Cisco Aironet 1815 Series Access Points CSCvv83754 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83754"] Wireless LAN Controller:
8.10.151.0
8.5.171.0
Catalyst 9800 Wireless Controller:
16.12.5
17.3.3
17.5.1 (Mar 2021) Cisco Aironet 1830 Series Access Points CSCvv83754 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83754"] Wireless LAN Controller:
8.10.151.0
8.5.171.0
Catalyst 9800 Wireless Controller:
16.12.5
17.3.3
17.5.1 (Mar 2021) Cisco Aironet 1850 Series Access Points CSCvv83754 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83754"] Wireless LAN Controller:
8.10.151.0
8.5.171.0
Catalyst 9800 Wireless Controller:
16.12.5
17.3.3
17.5.1 (Mar 2021) Cisco Aironet 2800 Series Access Points CSCvv83754 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83754"] Wireless LAN Controller:
8.10.151.0
8.5.171.0
Catalyst 9800 Wireless Controller:
16.12.5
17.3.3
17.5.1 (Mar 2021) Cisco Aironet 3800 Series Access Points CSCvv83754 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83754"] Wireless LAN Controller:
8.10.151.0
8.5.171.0
Catalyst 9800 Wireless Controller:
16.12.5
17.3.3
17.5.1 (Mar 2021) Cisco Aironet 4800 Access Points CSCvv83754 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83754"] Wireless LAN Controller:
8.10.151.0
8.5.171.0
Catalyst 9800 Wireless Controller:
16.12.5
17.3.3
17.5.1 (Mar 2021) Cisco Business 100 Series Access Points CSCvv83754 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83754"] 10.4.1.0 (Mar 2021) Cisco Business 200 Series Access Points CSCvv83754 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83754"] 10.4.1.0 (Mar 2021) Cisco Catalyst 9100 Access Points CSCvv83754 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83754"] Wireless LAN Controller:
8.10.151.0
Catalyst 9800 Wireless Controller:
16.12.5
17.3.3
17.5.1 (Mar 2021) Cisco Catalyst IW6300 Access Points CSCvv83754 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83754"] Wireless LAN Controller:
8.10.151.0
Catalyst 9800 Wireless Controller:
16.12.5
17.3.3
17.5.1 (Mar 2021) Cisco ESW6300 Series Access Points CSCvv83754 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83754"] Wireless LAN Controller:
8.10.151.0
Catalyst 9800 Wireless Controller:
16.12.5
17.3.3
17.5.1 (Mar 2021) Cisco Policy Suite CSCvv83241 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83241"] 21.1.0 Routing and Switching - Enterprise and Service Provider Cisco 1000 Series Connected Grid Routers (CGR1000 compute module) CSCvv84554 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv84554"] 15.9(3)M4 (Jul 2021) Cisco IR800 Integrated Services Router (Guest OS) CSCvv84553 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv84553"] 15.9(3)M4 (Jul 2021) Cisco Wireless Gateway for LoRaWAN CSCvw00914 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvw00914"] 2.1.0.3 (Mar 2021) Meraki Products Cisco Meraki MR (all models) N/A Release no. TBD (Aug 2021) Cisco Meraki MS (all models) N/A Release no. TBD (Aug 2021) Cisco Meraki MV (all models) N/A Release no. TBD (Aug 2021) Cisco Meraki MX (all models) N/A Release no. TBD (Aug 2021) Cisco Meraki Z-Series (all models) N/A Release no. TBD (Aug 2021) Routing and Switching - Small Business Cisco RV042 Dual WAN VPN Router CSCvv83789 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83789"] None planned Cisco RV042G Dual Gigabit WAN VPN Router CSCvv83789 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83789"] None planned Cisco RV160x VPN Router CSCvv83787 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83787"] 1.0.02.x (Mar 2021) Cisco RV260x VPN Router CSCvv83788 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83788"] 1.0.02.x (Mar 2021) Cisco RV340W Dual WAN Gigabit Wireless-AC VPN Router CSCvv83239 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83239"] 1.0.04.x (Mar 2021) Cisco Small Business RV Series RV110W Wireless-N VPN Firewall CSCvv83235 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83235"] None planned Cisco Small Business RV Series RV215W Wireless-N VPN Router CSCvv83237 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83237"] None planned Cisco Small Business RV Series RV320 Dual Gigabit WAN VPN Router CSCvv83238 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83238"] None planned Cisco Small Business RV Series RV325 Dual WAN VPN Router CSCvv83816 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83816"] None planned Cisco Small Business RV130 Series VPN Routers CSCvv83791 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83791"] None planned Cisco Small Business RV130 VPN Router CSCvv83236 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83236"] None planned Unified Computing Cisco Enterprise NFV Infrastructure Software (NFVIS) CSCvw00975 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvw00975"] 4.5 (Mar 2021) Voice and Unified Communications Devices Cisco IP Conference Phone 7832 CSCvv83246 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83246"] 14.0 (Mar 2021) Cisco IP Conference Phone 8832 CSCvv83250 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83250"] 14.0 (Mar 2021) Cisco IP Phone 6800 Series with Multiplatform Firmware CSCvv83248 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83248"] 11.3.4 (Jun 2021) Cisco IP Phone 6821 with Multiplatform Firmware CSCvw00982 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvw00982"] 11.3.4 (Jun 2021) Cisco IP Phone 7800 Series with Multiplatform Firmware CSCvv83243 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83243"] 11.3.4 (Jun 2021) Cisco IP Phone 7800 Series CSCvv83249 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83249"] 14.0 (Mar 2021) Cisco IP Phone 8800 Series with Multiplatform Firmware CSCvv83242 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83242"] 11.3.4 (Jun 2021) Cisco IP Phone 8800 Series CSCvv83242 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83242"] 14.0 (Mar 2021) Cisco IP Phone 8865 CSCvv83245 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83245"] 14.0 (Mar 2021) Cisco SPA112 2-Port Phone Adapter CSCvv83234 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83234"] None planned Cisco SPA122 Analog Telephone Adapter (ATA) with Router CSCvv83234 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83234"] None planned Cisco SPA232D Multi-Line DECT Analog Telephone Adapter (ATA) CSCvv83234 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83234"] None planned Cisco Unified IP Phone 9951 CSCvv83247 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83247"]
None planned Cisco Unified IP Phone 9971 CSCvv83247 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83247"]
None planned Cisco Wireless IP Phone 8821 CSCvw00918 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvw00918"] 11.0(6)SR1 (Apr 2021) Video, Streaming, TelePresence, and Transcoding Devices Cisco Expressway Series CSCvv83227 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83227"] X12.7.1 Cisco TelePresence Video Communication Server (VCS) CSCvv83227 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83227"] X12.7.1 Cisco Cloud Hosted Services Cisco IP Phone 6800 Series CSCvw01205 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvw01205"] 11.3.4 (Jun 2021) Cisco Spark Calling CSCvw00907 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvw00907"] X12.7.1 (Feb 2021) Cisco Webex Teams (formerly Cisco Spark) CSCvv83214 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83214"] None planned Cisco Webex Room Phone CSCvv87082 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv87082"] 1.2(0)SR1 (Aug 2021)
Products Confirmed Not Vulnerable
Only products listed in the Vulnerable Products ["#vp"] section of this advisory are known to be affected by these vulnerabilities.
Cisco products that do not offer DNS server capabilities are not affected by these vulnerabilities. Cisco has also confirmed that Cisco IOS XE Software is not affected by any of these vulnerabilities.
At the time of publication, no Cisco products were found to be affected by the vulnerabilities identified by the following Common Vulnerabilities and Exposures (CVE) IDs:
CVE-2020-25681
CVE-2020-25682
CVE-2020-25683
CVE-2020-25687
Details
Remote Code Execution and Denial of Service Vulnerabilities
Multiple vulnerabilities in the DNSSEC implementation of dnsmasq could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device.
The vulnerabilities are due to improper memory management when the affected software processes DNS packets with DNSSEC data. An attacker could exploit these vulnerabilities by sending malicious DNS packets to be processed by the affected device.
When these packets are processed, an exploitable overflow condition may occur. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the underlying dnsmasq software or cause DoS condition on the affected device.
These vulnerabilities affect dnsmasq installations that match all of the following criteria:
Include a vulnerable release of dnsmasq
Capable of acting as a DNS server
Capable of validating DNSSEC data
These vulnerabilities have been assigned the following CVE IDs:
CVE-2020-25681
CVE-2020-25682
CVE-2020-25683
CVE-2020-25687
At the time of this investigation, no Cisco products have been found to be affected by these vulnerabilities.
DNS Cache Poisoning Attacks
Multiple weaknesses in the DNS server functionality of dnsmasq could allow an unauthenticated, remote attacker to more easily forge DNS answers that can poison DNS caches.
Each weakness results in dnsmasq accepting DNS answers based on checks that are performed on an amount of entropy that is lower than what is mandated by RFC 5452. The combination of these weaknesses would allow an attacker to mount a successful DNS cache poisoning attack with low traffic requirements.
These weaknesses affect dnsmasq installations that match all of the following criteria:
Include a vulnerable release of dnsmasq
Capable of acting as a DNS server
Capable of caching DNS responses
These weaknesses have been assigned the following CVE IDs:
CVE-2020-25684
CVE-2020-25685
CVE-2020-25686
Multiple Cisco products have been found to be susceptible to DNS cache poisoning attacks.
Workarounds
Any workarounds for a specific Cisco product or service will be documented in the relevant Cisco bugs, which are identified in the Vulnerable Products ["#vp"] section of this advisory.
Fixed Software
For information about fixed software releases ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"], consult the Cisco bugs identified in the Vulnerable Products ["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnsmasq-dns-2021-c5mrdf3g#vp"] section of this advisory.
When considering software upgrades ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"], customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page ["https://www.cisco.com/go/psirt"], to determine exposure and a complete upgrade solution.
In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.
Vulnerability Policy
To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.
Exploitation and Public Announcements
The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.
Cisco PSIRT is not aware of any malicious use of the vulnerabilities that are described in this advisory.
Source
Cisco would like to thank Moshe Kol and Shlomi Oberman of JSOF for reporting these vulnerabilities, which were investigated and disclosed under the coordination of CERT/CC.
Legal Disclaimer
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.
{ document: { acknowledgments: [ { summary: "Cisco would like to thank Moshe Kol and Shlomi Oberman of JSOF for reporting these vulnerabilities, which were investigated and disclosed under the coordination of CERT/CC.", }, ], category: "csaf_security_advisory", csaf_version: "2.0", notes: [ { category: "summary", text: "A set of previously unknown vulnerabilities in the DNS forwarder implementation of dnsmasq were disclosed on January 19, 2021. The vulnerabilities are collectively known as DNSpooq.\r\n\r\nExploitation of these vulnerabilities could result in remote code execution or denial of service (DoS), or may allow an attacker to more easily forge DNS answers that can poison DNS caches, depending on the specific vulnerability.\r\n\r\nMultiple Cisco products are affected by these vulnerabilities.\r\n\r\nCisco will release software updates that address these vulnerabilities. Any workarounds for a specific Cisco product or service will be documented in the relevant Cisco bugs, which are identified in the Vulnerable Products [\"#vp\"] section of this advisory.\r\n\r\nNote: At the time of publication, no Cisco products were found to be affected by the remote code execution and DoS vulnerabilities, which are identified by the following Common Vulnerabilities and Exposures (CVE) IDs:\r\n\r\n\r\nCVE-2020-25681\r\nCVE-2020-25682\r\nCVE-2020-25683\r\nCVE-2020-25687\r\n\r\n", title: "Summary", }, { category: "general", text: "Cisco investigated its product line to determine which products may be affected by these vulnerabilities.\r\n\r\nThe Vulnerable Products [\"#vp\"] section includes Cisco bug IDs for each affected product or service. The bugs are accessible through the Cisco Bug Search Tool [\"https://bst.cloudapps.cisco.com/bugsearch/bug/BUGID\"] and contain additional platform-specific information, including workarounds (if available) and fixed software releases.\r\n\r\nAny product or service not listed in Vulnerable Products [\"#vp\"] section of this advisory is to be considered not vulnerable.", title: "Affected Products", }, { category: "general", text: "For information about which Cisco software releases are vulnerable, see the Fixed Software [\"#fs\"] section of this advisory.\r\n\r\nAt the time of this investigation, no Cisco products have been found to be affected by the remote code execution and DoS vulnerabilities.\r\n\r\nMultiple Cisco products have been found to be susceptible to DNS cache poisoning attacks. The following table lists Cisco products that have been found to be susceptible to DNS cache poisoning attacks.\r\n\r\nIf a future release date is indicated for software, the date provided represents an estimate based on all information known to Cisco as of the Last Updated date at the top of the advisory. Availability dates are subject to change based on a number of factors, including satisfactory testing results and delivery of other priority features and fixes. If no version or date is listed for an affected component (indicated by a blank field and/or an advisory designation of Interim), Cisco is continuing to evaluate the fix and will update the advisory as additional information becomes available. After the advisory is marked Final, customers should refer to the associated Cisco bug(s) for further details.\r\n Product Cisco Bug ID Fixed Release Availability Network Management and Provisioning Cisco Aironet 1560 Series Access Points CSCvv83754 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83754\"] Wireless LAN Controller:\r\n8.10.151.0\r\n8.5.171.0\r\n\r\nCatalyst 9800 Wireless Controller:\r\n16.12.5\r\n17.3.3\r\n17.5.1 (Mar 2021) Cisco Aironet 1810 Series OfficeExtend Access Points CSCvv83754 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83754\"] Wireless LAN Controller:\r\n8.10.151.0\r\n8.5.171.0\r\n\r\nCatalyst 9800 Wireless Controller:\r\n16.12.5\r\n17.3.3\r\n17.5.1 (Mar 2021) Cisco Aironet 1810w Series Access Points CSCvv83754 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83754\"] Wireless LAN Controller:\r\n8.10.151.0\r\n8.5.171.0\r\n\r\nCatalyst 9800 Wireless Controller:\r\n16.12.5\r\n17.3.3\r\n17.5.1 (Mar 2021) Cisco Aironet 1815 Series Access Points CSCvv83754 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83754\"] Wireless LAN Controller:\r\n8.10.151.0\r\n8.5.171.0\r\n\r\nCatalyst 9800 Wireless Controller:\r\n16.12.5\r\n17.3.3\r\n17.5.1 (Mar 2021) Cisco Aironet 1830 Series Access Points CSCvv83754 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83754\"] Wireless LAN Controller:\r\n8.10.151.0\r\n8.5.171.0\r\n\r\nCatalyst 9800 Wireless Controller:\r\n16.12.5\r\n17.3.3\r\n17.5.1 (Mar 2021) Cisco Aironet 1850 Series Access Points CSCvv83754 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83754\"] Wireless LAN Controller:\r\n8.10.151.0\r\n8.5.171.0\r\n\r\nCatalyst 9800 Wireless Controller:\r\n16.12.5\r\n17.3.3\r\n17.5.1 (Mar 2021) Cisco Aironet 2800 Series Access Points CSCvv83754 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83754\"] Wireless LAN Controller:\r\n8.10.151.0\r\n8.5.171.0\r\n\r\nCatalyst 9800 Wireless Controller:\r\n16.12.5\r\n17.3.3\r\n17.5.1 (Mar 2021) Cisco Aironet 3800 Series Access Points CSCvv83754 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83754\"] Wireless LAN Controller:\r\n8.10.151.0\r\n8.5.171.0\r\n\r\nCatalyst 9800 Wireless Controller:\r\n16.12.5\r\n17.3.3\r\n17.5.1 (Mar 2021) Cisco Aironet 4800 Access Points CSCvv83754 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83754\"] Wireless LAN Controller:\r\n8.10.151.0\r\n8.5.171.0\r\n\r\nCatalyst 9800 Wireless Controller:\r\n16.12.5\r\n17.3.3\r\n17.5.1 (Mar 2021) Cisco Business 100 Series Access Points CSCvv83754 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83754\"] 10.4.1.0 (Mar 2021) Cisco Business 200 Series Access Points CSCvv83754 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83754\"] 10.4.1.0 (Mar 2021) Cisco Catalyst 9100 Access Points CSCvv83754 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83754\"] Wireless LAN Controller:\r\n8.10.151.0\r\n\r\nCatalyst 9800 Wireless Controller:\r\n16.12.5\r\n17.3.3\r\n17.5.1 (Mar 2021) Cisco Catalyst IW6300 Access Points CSCvv83754 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83754\"] Wireless LAN Controller:\r\n8.10.151.0\r\n\r\nCatalyst 9800 Wireless Controller:\r\n16.12.5\r\n17.3.3\r\n17.5.1 (Mar 2021) Cisco ESW6300 Series Access Points CSCvv83754 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83754\"] Wireless LAN Controller:\r\n8.10.151.0\r\n\r\nCatalyst 9800 Wireless Controller:\r\n16.12.5\r\n17.3.3\r\n17.5.1 (Mar 2021) Cisco Policy Suite CSCvv83241 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83241\"] 21.1.0 Routing and Switching - Enterprise and Service Provider Cisco 1000 Series Connected Grid Routers (CGR1000 compute module) CSCvv84554 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv84554\"] 15.9(3)M4 (Jul 2021) Cisco IR800 Integrated Services Router (Guest OS) CSCvv84553 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv84553\"] 15.9(3)M4 (Jul 2021) Cisco Wireless Gateway for LoRaWAN CSCvw00914 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvw00914\"] 2.1.0.3 (Mar 2021) Meraki Products Cisco Meraki MR (all models) N/A Release no. TBD (Aug 2021) Cisco Meraki MS (all models) N/A Release no. TBD (Aug 2021) Cisco Meraki MV (all models) N/A Release no. TBD (Aug 2021) Cisco Meraki MX (all models) N/A Release no. TBD (Aug 2021) Cisco Meraki Z-Series (all models) N/A Release no. TBD (Aug 2021) Routing and Switching - Small Business Cisco RV042 Dual WAN VPN Router CSCvv83789 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83789\"] None planned Cisco RV042G Dual Gigabit WAN VPN Router CSCvv83789 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83789\"] None planned Cisco RV160x VPN Router CSCvv83787 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83787\"] 1.0.02.x (Mar 2021) Cisco RV260x VPN Router CSCvv83788 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83788\"] 1.0.02.x (Mar 2021) Cisco RV340W Dual WAN Gigabit Wireless-AC VPN Router CSCvv83239 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83239\"] 1.0.04.x (Mar 2021) Cisco Small Business RV Series RV110W Wireless-N VPN Firewall CSCvv83235 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83235\"] None planned Cisco Small Business RV Series RV215W Wireless-N VPN Router CSCvv83237 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83237\"] None planned Cisco Small Business RV Series RV320 Dual Gigabit WAN VPN Router CSCvv83238 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83238\"] None planned Cisco Small Business RV Series RV325 Dual WAN VPN Router CSCvv83816 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83816\"] None planned Cisco Small Business RV130 Series VPN Routers CSCvv83791 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83791\"] None planned Cisco Small Business RV130 VPN Router CSCvv83236 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83236\"] None planned Unified Computing Cisco Enterprise NFV Infrastructure Software (NFVIS) CSCvw00975 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvw00975\"] 4.5 (Mar 2021) Voice and Unified Communications Devices Cisco IP Conference Phone 7832 CSCvv83246 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83246\"] 14.0 (Mar 2021) Cisco IP Conference Phone 8832 CSCvv83250 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83250\"] 14.0 (Mar 2021) Cisco IP Phone 6800 Series with Multiplatform Firmware CSCvv83248 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83248\"] 11.3.4 (Jun 2021) Cisco IP Phone 6821 with Multiplatform Firmware CSCvw00982 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvw00982\"] 11.3.4 (Jun 2021) Cisco IP Phone 7800 Series with Multiplatform Firmware CSCvv83243 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83243\"] 11.3.4 (Jun 2021) Cisco IP Phone 7800 Series CSCvv83249 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83249\"] 14.0 (Mar 2021) Cisco IP Phone 8800 Series with Multiplatform Firmware CSCvv83242 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83242\"] 11.3.4 (Jun 2021) Cisco IP Phone 8800 Series CSCvv83242 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83242\"] 14.0 (Mar 2021) Cisco IP Phone 8865 CSCvv83245 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83245\"] 14.0 (Mar 2021) Cisco SPA112 2-Port Phone Adapter CSCvv83234 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83234\"] None planned Cisco SPA122 Analog Telephone Adapter (ATA) with Router CSCvv83234 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83234\"] None planned Cisco SPA232D Multi-Line DECT Analog Telephone Adapter (ATA) CSCvv83234 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83234\"] None planned Cisco Unified IP Phone 9951 CSCvv83247 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83247\"]\r\nNone planned Cisco Unified IP Phone 9971 CSCvv83247 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83247\"]\r\nNone planned Cisco Wireless IP Phone 8821 CSCvw00918 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvw00918\"] 11.0(6)SR1 (Apr 2021) Video, Streaming, TelePresence, and Transcoding Devices Cisco Expressway Series CSCvv83227 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83227\"] X12.7.1 Cisco TelePresence Video Communication Server (VCS) CSCvv83227 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83227\"] X12.7.1 Cisco Cloud Hosted Services Cisco IP Phone 6800 Series CSCvw01205 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvw01205\"] 11.3.4 (Jun 2021) Cisco Spark Calling CSCvw00907 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvw00907\"] X12.7.1 (Feb 2021) Cisco Webex Teams (formerly Cisco Spark) CSCvv83214 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83214\"] None planned Cisco Webex Room Phone CSCvv87082 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv87082\"] 1.2(0)SR1 (Aug 2021)", title: "Vulnerable Products", }, { category: "general", text: "Only products listed in the Vulnerable Products [\"#vp\"] section of this advisory are known to be affected by these vulnerabilities.\r\n\r\nCisco products that do not offer DNS server capabilities are not affected by these vulnerabilities. Cisco has also confirmed that Cisco IOS XE Software is not affected by any of these vulnerabilities.\r\n\r\nAt the time of publication, no Cisco products were found to be affected by the vulnerabilities identified by the following Common Vulnerabilities and Exposures (CVE) IDs:\r\n\r\nCVE-2020-25681\r\nCVE-2020-25682\r\nCVE-2020-25683\r\nCVE-2020-25687", title: "Products Confirmed Not Vulnerable", }, { category: "general", text: "Remote Code Execution and Denial of Service Vulnerabilities\r\n\r\nMultiple vulnerabilities in the DNSSEC implementation of dnsmasq could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device.\r\n\r\nThe vulnerabilities are due to improper memory management when the affected software processes DNS packets with DNSSEC data. An attacker could exploit these vulnerabilities by sending malicious DNS packets to be processed by the affected device.\r\n\r\nWhen these packets are processed, an exploitable overflow condition may occur. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the underlying dnsmasq software or cause DoS condition on the affected device.\r\n\r\nThese vulnerabilities affect dnsmasq installations that match all of the following criteria:\r\n\r\nInclude a vulnerable release of dnsmasq\r\nCapable of acting as a DNS server\r\nCapable of validating DNSSEC data\r\n\r\nThese vulnerabilities have been assigned the following CVE IDs:\r\n\r\n\r\nCVE-2020-25681\r\nCVE-2020-25682\r\nCVE-2020-25683\r\nCVE-2020-25687\r\n\r\nAt the time of this investigation, no Cisco products have been found to be affected by these vulnerabilities.\r\n\r\nDNS Cache Poisoning Attacks\r\n\r\nMultiple weaknesses in the DNS server functionality of dnsmasq could allow an unauthenticated, remote attacker to more easily forge DNS answers that can poison DNS caches.\r\n\r\nEach weakness results in dnsmasq accepting DNS answers based on checks that are performed on an amount of entropy that is lower than what is mandated by RFC 5452. The combination of these weaknesses would allow an attacker to mount a successful DNS cache poisoning attack with low traffic requirements.\r\n\r\nThese weaknesses affect dnsmasq installations that match all of the following criteria:\r\n\r\nInclude a vulnerable release of dnsmasq\r\nCapable of acting as a DNS server\r\nCapable of caching DNS responses\r\n\r\nThese weaknesses have been assigned the following CVE IDs:\r\n\r\nCVE-2020-25684\r\nCVE-2020-25685\r\nCVE-2020-25686\r\n\r\nMultiple Cisco products have been found to be susceptible to DNS cache poisoning attacks.", title: "Details", }, { category: "general", text: "Any workarounds for a specific Cisco product or service will be documented in the relevant Cisco bugs, which are identified in the Vulnerable Products [\"#vp\"] section of this advisory.", title: "Workarounds", }, { category: "general", text: "For information about fixed software releases [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes\"], consult the Cisco bugs identified in the Vulnerable Products [\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnsmasq-dns-2021-c5mrdf3g#vp\"] section of this advisory.\r\n\r\nWhen considering software upgrades [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes\"], customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page [\"https://www.cisco.com/go/psirt\"], to determine exposure and a complete upgrade solution.\r\n\r\nIn all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.", title: "Fixed Software", }, { category: "general", text: "To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html\"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.", title: "Vulnerability Policy", }, { category: "general", text: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.\r\n\r\nCisco PSIRT is not aware of any malicious use of the vulnerabilities that are described in this advisory.", title: "Exploitation and Public Announcements", }, { category: "general", text: "Cisco would like to thank Moshe Kol and Shlomi Oberman of JSOF for reporting these vulnerabilities, which were investigated and disclosed under the coordination of CERT/CC.", title: "Source", }, { category: "legal_disclaimer", text: "THIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.\r\n\r\nA standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.", title: "Legal Disclaimer", }, ], publisher: { category: "vendor", contact_details: "psirt@cisco.com", issuing_authority: "Cisco PSIRT", name: "Cisco", namespace: "https://wwww.cisco.com", }, references: [ { category: "self", summary: "Multiple Vulnerabilities in dnsmasq DNS Forwarder Affecting Cisco Products: January 2021", url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnsmasq-dns-2021-c5mrdf3g", }, { category: "external", summary: "Cisco Security Vulnerability Policy", url: "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html", }, { category: "external", summary: "Cisco Bug Search Tool", url: "https://bst.cloudapps.cisco.com/bugsearch/bug/BUGID", }, { category: "external", summary: "CSCvv83754", url: "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83754", }, { category: "external", summary: "CSCvv83241", url: "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83241", }, { category: "external", summary: "CSCvv84554", url: "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv84554", }, { category: "external", summary: "CSCvv84553", url: "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv84553", }, { category: "external", summary: "CSCvw00914", url: "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvw00914", }, { category: "external", summary: "CSCvv83789", url: "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83789", }, { category: "external", summary: "CSCvv83787", url: "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83787", }, { category: "external", summary: "CSCvv83788", url: "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83788", }, { category: "external", summary: "CSCvv83239", url: "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83239", }, { category: "external", summary: "CSCvv83235", url: "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83235", }, { category: "external", summary: "CSCvv83237", url: "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83237", }, { category: "external", summary: "CSCvv83238", url: "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83238", }, { category: "external", summary: "CSCvv83816", url: "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83816", }, { category: "external", summary: "CSCvv83791", url: "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83791", }, { category: "external", summary: "CSCvv83236", url: "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83236", }, { category: "external", summary: "CSCvw00975", url: "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvw00975", }, { category: "external", summary: "CSCvv83246", url: "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83246", }, { category: "external", summary: "CSCvv83250", url: "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83250", }, { category: "external", summary: "CSCvv83248", url: "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83248", }, { category: "external", summary: "CSCvw00982", url: "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvw00982", }, { category: "external", summary: "CSCvv83243", url: "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83243", }, { category: "external", summary: "CSCvv83249", url: "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83249", }, { category: "external", summary: "CSCvv83242", url: "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83242", }, { category: "external", summary: "CSCvv83245", url: "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83245", }, { category: "external", summary: "CSCvv83234", url: "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83234", }, { category: "external", summary: "CSCvv83247", url: "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83247", }, { category: "external", summary: "CSCvw00918", url: "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvw00918", }, { category: "external", summary: "CSCvv83227", url: "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83227", }, { category: "external", summary: "CSCvw01205", url: "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvw01205", }, { category: "external", summary: "CSCvw00907", url: "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvw00907", }, { category: "external", summary: "CSCvv83214", url: "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv83214", }, { category: "external", summary: "CSCvv87082", url: "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv87082", }, { category: "external", summary: "fixed software releases", url: "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes", }, { category: "external", summary: "Vulnerable Products", url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnsmasq-dns-2021-c5mrdf3g#vp", }, { category: "external", summary: "Cisco Security Advisories page", url: "https://www.cisco.com/go/psirt", }, ], title: "Multiple Vulnerabilities in dnsmasq DNS Forwarder Affecting Cisco Products: January 2021", tracking: { current_release_date: "2021-08-30T17:24:42+00:00", generator: { date: "2024-05-10T22:57:53+00:00", engine: { name: "TVCE", }, }, id: "cisco-sa-dnsmasq-dns-2021-c5mrdf3g", initial_release_date: "2021-01-19T12:15:00+00:00", revision_history: [ { date: "2021-01-19T12:05:02+00:00", number: "1.0.0", summary: "Initial public release.", }, { date: "2021-02-02T17:34:33+00:00", number: "1.1.0", summary: "Updated fixed release availability information for Cisco Meraki devices, Cisco Access Points, Cisco IR800 Integrated Services Router, and Cisco 1000 Series Connected Grid Routers.", }, { date: "2021-03-09T12:32:04+00:00", number: "1.2.0", summary: "Updated fixed release availability information.", }, { date: "2021-04-26T12:02:10+00:00", number: "1.3.0", summary: "Updated list of products confirmed not vulnerable. Removed list of products under investigation.", }, { date: "2021-08-30T17:24:42+00:00", number: "1.4.0", summary: "Updated Webex Room Phone fixed release.", }, ], status: "final", version: "1.4.0", }, }, product_tree: { branches: [ { branches: [ { category: "product_family", name: "Cisco NX-OS Software", product: { name: "Cisco NX-OS Software ", product_id: "CSAFPID-80720", }, }, { category: "product_family", name: "Cisco Identity Services Engine Software", product: { name: "Cisco Identity Services Engine Software ", product_id: "CSAFPID-111903", }, }, { category: "product_family", name: "Cisco TelePresence Video Communication Server (VCS) Expressway", product: { name: "Cisco TelePresence Video Communication Server (VCS) Expressway ", product_id: "CSAFPID-209614", }, }, { category: "product_family", name: "Cisco Session Initiation Protocol (SIP) Software", product: { name: "Cisco Session Initiation Protocol (SIP) Software ", product_id: "CSAFPID-277608", }, }, ], category: "vendor", name: "Cisco", }, ], }, vulnerabilities: [ { cve: "CVE-2020-25683", ids: [ { system_name: "Cisco Bug ID", text: "CSCvx66581", }, { system_name: "Cisco Bug ID", text: "CSCvx66584", }, { system_name: "Cisco Bug ID", text: "CSCvx17339", }, { system_name: "Cisco Bug ID", text: "CSCvx20637", }, { system_name: "Cisco Bug ID", text: "CSCvv83232", }, { system_name: "Cisco Bug ID", text: "CSCvw00918", }, ], notes: [ { category: "other", text: "Complete.", title: "Affected Product Comprehensiveness", }, ], product_status: { known_affected: [ "CSAFPID-80720", "CSAFPID-209614", "CSAFPID-111903", "CSAFPID-277608", ], }, release_date: "2021-01-19T12:15:00+00:00", remediations: [ { category: "vendor_fix", details: "Cisco has released software updates that address this vulnerability.", product_ids: [ "CSAFPID-209614", "CSAFPID-277608", "CSAFPID-111903", "CSAFPID-80720", ], url: "https://software.cisco.com", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-80720", "CSAFPID-209614", "CSAFPID-111903", "CSAFPID-277608", ], }, ], title: "vuln-CVE-2020-25683", }, { cve: "CVE-2020-25687", ids: [ { system_name: "Cisco Bug ID", text: "CSCvv83232", }, { system_name: "Cisco Bug ID", text: "CSCvx17339", }, { system_name: "Cisco Bug ID", text: "CSCvx20637", }, { system_name: "Cisco Bug ID", text: "CSCvx66581", }, { system_name: "Cisco Bug ID", text: "CSCvx66584", }, { system_name: "Cisco Bug ID", text: "CSCvw00918", }, ], notes: [ { category: "other", text: "Complete.", title: "Affected Product Comprehensiveness", }, ], product_status: { known_affected: [ "CSAFPID-111903", "CSAFPID-209614", "CSAFPID-80720", "CSAFPID-277608", ], }, release_date: "2021-01-19T12:15:00+00:00", remediations: [ { category: "vendor_fix", details: "Cisco has released software updates that address this vulnerability.", product_ids: [ "CSAFPID-209614", "CSAFPID-277608", "CSAFPID-111903", "CSAFPID-80720", ], url: "https://software.cisco.com", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-111903", "CSAFPID-209614", "CSAFPID-80720", "CSAFPID-277608", ], }, ], title: "vuln-CVE-2020-25687", }, { cve: "CVE-2020-25681", ids: [ { system_name: "Cisco Bug ID", text: "CSCvx20637", }, { system_name: "Cisco Bug ID", text: "CSCvx66581", }, { system_name: "Cisco Bug ID", text: "CSCvx66584", }, { system_name: "Cisco Bug ID", text: "CSCvw00918", }, { system_name: "Cisco Bug ID", text: "CSCvv83232", }, ], notes: [ { category: "other", text: "Complete.", title: "Affected Product Comprehensiveness", }, ], product_status: { known_affected: [ "CSAFPID-209614", "CSAFPID-80720", "CSAFPID-277608", "CSAFPID-111903", ], }, release_date: "2021-01-19T12:15:00+00:00", remediations: [ { category: "vendor_fix", details: "Cisco has released software updates that address this vulnerability.", product_ids: [ "CSAFPID-209614", "CSAFPID-277608", "CSAFPID-111903", "CSAFPID-80720", ], url: "https://software.cisco.com", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-209614", "CSAFPID-80720", "CSAFPID-277608", "CSAFPID-111903", ], }, ], title: "vuln-CVE-2020-25681", }, { cve: "CVE-2020-25682", ids: [ { system_name: "Cisco Bug ID", text: "CSCvx20637", }, { system_name: "Cisco Bug ID", text: "CSCvw00918", }, { system_name: "Cisco Bug ID", text: "CSCvv83232", }, { system_name: "Cisco Bug ID", text: "CSCvx66581", }, { system_name: "Cisco Bug ID", text: "CSCvx66584", }, ], notes: [ { category: "other", text: "Complete.", title: "Affected Product Comprehensiveness", }, ], product_status: { known_affected: [ "CSAFPID-209614", "CSAFPID-277608", "CSAFPID-111903", "CSAFPID-80720", ], }, release_date: "2021-01-19T12:15:00+00:00", remediations: [ { category: "vendor_fix", details: "Cisco has released software updates that address this vulnerability.", product_ids: [ "CSAFPID-209614", "CSAFPID-277608", "CSAFPID-111903", "CSAFPID-80720", ], url: "https://software.cisco.com", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-209614", "CSAFPID-277608", "CSAFPID-111903", "CSAFPID-80720", ], }, ], title: "vuln-CVE-2020-25682", }, { cve: "CVE-2020-25686", ids: [ { system_name: "Cisco Bug ID", text: "CSCvw00918", }, { system_name: "Cisco Bug ID", text: "CSCvx66581", }, { system_name: "Cisco Bug ID", text: "CSCvx66584", }, { system_name: "Cisco Bug ID", text: "CSCvx17339", }, { system_name: "Cisco Bug ID", text: "CSCvx20637", }, { system_name: "Cisco Bug ID", text: "CSCvv83232", }, ], notes: [ { category: "other", text: "Complete.", title: "Affected Product Comprehensiveness", }, ], product_status: { known_affected: [ "CSAFPID-277608", "CSAFPID-80720", "CSAFPID-209614", "CSAFPID-111903", ], }, release_date: "2021-01-19T12:15:00+00:00", remediations: [ { category: "vendor_fix", details: "Cisco has released software updates that address this vulnerability.", product_ids: [ "CSAFPID-209614", "CSAFPID-277608", "CSAFPID-111903", "CSAFPID-80720", ], url: "https://software.cisco.com", }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-277608", "CSAFPID-80720", "CSAFPID-209614", "CSAFPID-111903", ], }, ], title: "vuln-CVE-2020-25686", }, { cve: "CVE-2020-25685", ids: [ { system_name: "Cisco Bug ID", text: "CSCvx20637", }, { system_name: "Cisco Bug ID", text: "CSCvw00918", }, { system_name: "Cisco Bug ID", text: "CSCvv83232", }, { system_name: "Cisco Bug ID", text: "CSCvx66581", }, { system_name: "Cisco Bug ID", text: "CSCvx66584", }, ], notes: [ { category: "other", text: "Complete.", title: "Affected Product Comprehensiveness", }, ], product_status: { known_affected: [ "CSAFPID-209614", "CSAFPID-277608", "CSAFPID-111903", "CSAFPID-80720", ], }, release_date: "2021-01-19T12:15:00+00:00", remediations: [ { category: "vendor_fix", details: "Cisco has released software updates that address this vulnerability.", product_ids: [ "CSAFPID-209614", "CSAFPID-277608", "CSAFPID-111903", "CSAFPID-80720", ], url: "https://software.cisco.com", }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-209614", "CSAFPID-277608", "CSAFPID-111903", "CSAFPID-80720", ], }, ], title: "vuln-CVE-2020-25685", }, { cve: "CVE-2020-25684", ids: [ { system_name: "Cisco Bug ID", text: "CSCvw00918", }, { system_name: "Cisco Bug ID", text: "CSCvv83232", }, { system_name: "Cisco Bug ID", text: "CSCvx66581", }, { system_name: "Cisco Bug ID", text: "CSCvx66584", }, { system_name: "Cisco Bug ID", text: "CSCvx20637", }, ], notes: [ { category: "other", text: "Complete.", title: "Affected Product Comprehensiveness", }, ], product_status: { known_affected: [ "CSAFPID-277608", "CSAFPID-111903", "CSAFPID-80720", "CSAFPID-209614", ], }, release_date: "2021-01-19T12:15:00+00:00", remediations: [ { category: "vendor_fix", details: "Cisco has released software updates that address this vulnerability.", product_ids: [ "CSAFPID-209614", "CSAFPID-277608", "CSAFPID-111903", "CSAFPID-80720", ], url: "https://software.cisco.com", }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-277608", "CSAFPID-111903", "CSAFPID-80720", "CSAFPID-209614", ], }, ], title: "Multiple Vulnerabilities in dnsmasq DNS server affecting Cisco Products: January 2021", }, ], }
opensuse-su-2021:0129-1
Vulnerability from csaf_opensuse
Published
2021-01-20 15:22
Modified
2021-01-20 15:22
Summary
Security update for dnsmasq
Notes
Title of the patch
Security update for dnsmasq
Description of the patch
This update for dnsmasq fixes the following issues:
- bsc#1177077: Fixed DNSpooq vulnerabilities
- CVE-2020-25684, CVE-2020-25685, CVE-2020-25686:
Fixed multiple Cache Poisoning attacks.
- CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687:
Fixed multiple potential Heap-based overflows when DNSSEC is
enabled.
- Retry query to other servers on receipt of SERVFAIL rcode
(bsc#1176076)
This update was imported from the SUSE:SLE-15-SP1:Update update project.
Patchnames
openSUSE-2021-129
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for dnsmasq", title: "Title of the patch", }, { category: "description", text: "This update for dnsmasq fixes the following issues:\n\n- bsc#1177077: Fixed DNSpooq vulnerabilities\n- CVE-2020-25684, CVE-2020-25685, CVE-2020-25686:\n Fixed multiple Cache Poisoning attacks.\n- CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687:\n Fixed multiple potential Heap-based overflows when DNSSEC is\n enabled.\n\n- Retry query to other servers on receipt of SERVFAIL rcode\n (bsc#1176076)\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update project.", title: "Description of the patch", }, { category: "details", text: "openSUSE-2021-129", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_0129-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2021:0129-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/6B57K75B7OP43O3RNF2Q6TTLL4DZ6KPE/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2021:0129-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/6B57K75B7OP43O3RNF2Q6TTLL4DZ6KPE/", }, { category: "self", summary: "SUSE Bug 1176076", url: "https://bugzilla.suse.com/1176076", }, { category: "self", summary: "SUSE Bug 1177077", url: "https://bugzilla.suse.com/1177077", }, { category: "self", summary: "SUSE CVE CVE-2020-25681 page", url: "https://www.suse.com/security/cve/CVE-2020-25681/", }, { category: "self", summary: "SUSE CVE CVE-2020-25682 page", url: "https://www.suse.com/security/cve/CVE-2020-25682/", }, { category: "self", summary: "SUSE CVE CVE-2020-25683 page", url: "https://www.suse.com/security/cve/CVE-2020-25683/", }, { category: "self", summary: "SUSE CVE CVE-2020-25684 page", url: "https://www.suse.com/security/cve/CVE-2020-25684/", }, { category: "self", summary: "SUSE CVE CVE-2020-25685 page", url: "https://www.suse.com/security/cve/CVE-2020-25685/", }, { category: "self", summary: "SUSE CVE CVE-2020-25686 page", url: "https://www.suse.com/security/cve/CVE-2020-25686/", }, { category: "self", summary: "SUSE CVE CVE-2020-25687 page", url: "https://www.suse.com/security/cve/CVE-2020-25687/", }, ], title: "Security update for dnsmasq", tracking: { current_release_date: "2021-01-20T15:22:51Z", generator: { date: "2021-01-20T15:22:51Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2021:0129-1", initial_release_date: "2021-01-20T15:22:51Z", revision_history: [ { date: "2021-01-20T15:22:51Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "dnsmasq-2.78-lp151.5.6.1.i586", product: { name: "dnsmasq-2.78-lp151.5.6.1.i586", product_id: "dnsmasq-2.78-lp151.5.6.1.i586", }, }, { category: "product_version", name: "dnsmasq-utils-2.78-lp151.5.6.1.i586", product: { name: "dnsmasq-utils-2.78-lp151.5.6.1.i586", product_id: "dnsmasq-utils-2.78-lp151.5.6.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "dnsmasq-2.78-lp151.5.6.1.x86_64", product: { name: "dnsmasq-2.78-lp151.5.6.1.x86_64", product_id: "dnsmasq-2.78-lp151.5.6.1.x86_64", }, }, { category: "product_version", name: "dnsmasq-utils-2.78-lp151.5.6.1.x86_64", product: { name: "dnsmasq-utils-2.78-lp151.5.6.1.x86_64", product_id: "dnsmasq-utils-2.78-lp151.5.6.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Leap 15.1", product: { name: "openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.1", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-lp151.5.6.1.i586 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.i586", }, product_reference: "dnsmasq-2.78-lp151.5.6.1.i586", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-lp151.5.6.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.x86_64", }, product_reference: "dnsmasq-2.78-lp151.5.6.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-2.78-lp151.5.6.1.i586 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.i586", }, product_reference: "dnsmasq-utils-2.78-lp151.5.6.1.i586", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-2.78-lp151.5.6.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.x86_64", }, product_reference: "dnsmasq-utils-2.78-lp151.5.6.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, ], }, vulnerabilities: [ { cve: "CVE-2020-25681", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25681", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to cause a buffer overflow with arbitrary data in a heap memory segment, possibly executing code on the machine. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.x86_64", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25681", url: "https://www.suse.com/security/cve/CVE-2020-25681", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25681", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.x86_64", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.x86_64", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-20T15:22:51Z", details: "important", }, ], title: "CVE-2020-25681", }, { cve: "CVE-2020-25682", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25682", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before 2.83. A buffer overflow vulnerability was discovered in the way dnsmasq extract names from DNS packets before validating them with DNSSEC data. An attacker on the network, who can create valid DNS replies, could use this flaw to cause an overflow with arbitrary data in a heap-allocated memory, possibly executing code on the machine. The flaw is in the rfc1035.c:extract_name() function, which writes data to the memory pointed by name assuming MAXDNAME*2 bytes are available in the buffer. However, in some code execution paths, it is possible extract_name() gets passed an offset from the base buffer, thus reducing, in practice, the number of available bytes that can be written in the buffer. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.x86_64", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25682", url: "https://www.suse.com/security/cve/CVE-2020-25682", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25682", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.x86_64", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.x86_64", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-20T15:22:51Z", details: "important", }, ], title: "CVE-2020-25682", }, { cve: "CVE-2020-25683", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25683", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in get_rdata() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.x86_64", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25683", url: "https://www.suse.com/security/cve/CVE-2020-25683", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25683", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.x86_64", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.x86_64", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-20T15:22:51Z", details: "important", }, ], title: "CVE-2020-25683", }, { cve: "CVE-2020-25684", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25684", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.x86_64", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25684", url: "https://www.suse.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25684", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.x86_64", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.x86_64", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-20T15:22:51Z", details: "important", }, ], title: "CVE-2020-25684", }, { cve: "CVE-2020-25685", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25685", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.x86_64", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25685", url: "https://www.suse.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25685", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.x86_64", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.x86_64", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-20T15:22:51Z", details: "important", }, ], title: "CVE-2020-25685", }, { cve: "CVE-2020-25686", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25686", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.x86_64", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25686", url: "https://www.suse.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25686", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.x86_64", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.x86_64", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-20T15:22:51Z", details: "important", }, ], title: "CVE-2020-25686", }, { cve: "CVE-2020-25687", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25687", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. This flaw allows a remote attacker, who can create valid DNS replies, to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in sort_rrset() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.x86_64", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25687", url: "https://www.suse.com/security/cve/CVE-2020-25687", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25687", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.x86_64", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-2.78-lp151.5.6.1.x86_64", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.i586", "openSUSE Leap 15.1:dnsmasq-utils-2.78-lp151.5.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-20T15:22:51Z", details: "important", }, ], title: "CVE-2020-25687", }, ], }
opensuse-su-2021:0124-1
Vulnerability from csaf_opensuse
Published
2021-01-20 09:04
Modified
2021-01-20 09:04
Summary
Security update for dnsmasq
Notes
Title of the patch
Security update for dnsmasq
Description of the patch
This update for dnsmasq fixes the following issues:
- bsc#1177077: Fixed DNSpooq vulnerabilities
- CVE-2020-25684, CVE-2020-25685, CVE-2020-25686:
Fixed multiple Cache Poisoning attacks.
- CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687:
Fixed multiple potential Heap-based overflows when DNSSEC is
enabled.
- Retry query to other servers on receipt of SERVFAIL rcode
(bsc#1176076)
This update was imported from the SUSE:SLE-15-SP1:Update update project.
Patchnames
openSUSE-2021-124
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for dnsmasq", title: "Title of the patch", }, { category: "description", text: "This update for dnsmasq fixes the following issues:\n\n- bsc#1177077: Fixed DNSpooq vulnerabilities\n- CVE-2020-25684, CVE-2020-25685, CVE-2020-25686:\n Fixed multiple Cache Poisoning attacks.\n- CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687:\n Fixed multiple potential Heap-based overflows when DNSSEC is\n enabled.\n\n- Retry query to other servers on receipt of SERVFAIL rcode\n (bsc#1176076)\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update project.", title: "Description of the patch", }, { category: "details", text: "openSUSE-2021-124", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_0124-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2021:0124-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GY5KV2WHBZG4XCWVKZOU4DFCHSMBT5KV/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2021:0124-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GY5KV2WHBZG4XCWVKZOU4DFCHSMBT5KV/", }, { category: "self", summary: "SUSE Bug 1176076", url: "https://bugzilla.suse.com/1176076", }, { category: "self", summary: "SUSE Bug 1177077", url: "https://bugzilla.suse.com/1177077", }, { category: "self", summary: "SUSE CVE CVE-2020-25681 page", url: "https://www.suse.com/security/cve/CVE-2020-25681/", }, { category: "self", summary: "SUSE CVE CVE-2020-25682 page", url: "https://www.suse.com/security/cve/CVE-2020-25682/", }, { category: "self", summary: "SUSE CVE CVE-2020-25683 page", url: "https://www.suse.com/security/cve/CVE-2020-25683/", }, { category: "self", summary: "SUSE CVE CVE-2020-25684 page", url: "https://www.suse.com/security/cve/CVE-2020-25684/", }, { category: "self", summary: "SUSE CVE CVE-2020-25685 page", url: "https://www.suse.com/security/cve/CVE-2020-25685/", }, { category: "self", summary: "SUSE CVE CVE-2020-25686 page", url: "https://www.suse.com/security/cve/CVE-2020-25686/", }, { category: "self", summary: "SUSE CVE CVE-2020-25687 page", url: "https://www.suse.com/security/cve/CVE-2020-25687/", }, ], title: "Security update for dnsmasq", tracking: { current_release_date: "2021-01-20T09:04:03Z", generator: { date: "2021-01-20T09:04:03Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2021:0124-1", initial_release_date: "2021-01-20T09:04:03Z", revision_history: [ { date: "2021-01-20T09:04:03Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "dnsmasq-2.78-lp152.7.3.1.i586", product: { name: "dnsmasq-2.78-lp152.7.3.1.i586", product_id: "dnsmasq-2.78-lp152.7.3.1.i586", }, }, { category: "product_version", name: "dnsmasq-utils-2.78-lp152.7.3.1.i586", product: { name: "dnsmasq-utils-2.78-lp152.7.3.1.i586", product_id: "dnsmasq-utils-2.78-lp152.7.3.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "dnsmasq-2.78-lp152.7.3.1.x86_64", product: { name: "dnsmasq-2.78-lp152.7.3.1.x86_64", product_id: "dnsmasq-2.78-lp152.7.3.1.x86_64", }, }, { category: "product_version", name: "dnsmasq-utils-2.78-lp152.7.3.1.x86_64", product: { name: "dnsmasq-utils-2.78-lp152.7.3.1.x86_64", product_id: "dnsmasq-utils-2.78-lp152.7.3.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Leap 15.2", product: { name: "openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.2", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-lp152.7.3.1.i586 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.i586", }, product_reference: "dnsmasq-2.78-lp152.7.3.1.i586", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.78-lp152.7.3.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.x86_64", }, product_reference: "dnsmasq-2.78-lp152.7.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-2.78-lp152.7.3.1.i586 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.i586", }, product_reference: "dnsmasq-utils-2.78-lp152.7.3.1.i586", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-2.78-lp152.7.3.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.x86_64", }, product_reference: "dnsmasq-utils-2.78-lp152.7.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, ], }, vulnerabilities: [ { cve: "CVE-2020-25681", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25681", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to cause a buffer overflow with arbitrary data in a heap memory segment, possibly executing code on the machine. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.x86_64", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25681", url: "https://www.suse.com/security/cve/CVE-2020-25681", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25681", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.x86_64", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.x86_64", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-20T09:04:03Z", details: "important", }, ], title: "CVE-2020-25681", }, { cve: "CVE-2020-25682", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25682", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before 2.83. A buffer overflow vulnerability was discovered in the way dnsmasq extract names from DNS packets before validating them with DNSSEC data. An attacker on the network, who can create valid DNS replies, could use this flaw to cause an overflow with arbitrary data in a heap-allocated memory, possibly executing code on the machine. The flaw is in the rfc1035.c:extract_name() function, which writes data to the memory pointed by name assuming MAXDNAME*2 bytes are available in the buffer. However, in some code execution paths, it is possible extract_name() gets passed an offset from the base buffer, thus reducing, in practice, the number of available bytes that can be written in the buffer. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.x86_64", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25682", url: "https://www.suse.com/security/cve/CVE-2020-25682", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25682", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.x86_64", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.x86_64", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-20T09:04:03Z", details: "important", }, ], title: "CVE-2020-25682", }, { cve: "CVE-2020-25683", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25683", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in get_rdata() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.x86_64", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25683", url: "https://www.suse.com/security/cve/CVE-2020-25683", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25683", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.x86_64", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.x86_64", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-20T09:04:03Z", details: "important", }, ], title: "CVE-2020-25683", }, { cve: "CVE-2020-25684", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25684", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.x86_64", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25684", url: "https://www.suse.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25684", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.x86_64", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.x86_64", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-20T09:04:03Z", details: "important", }, ], title: "CVE-2020-25684", }, { cve: "CVE-2020-25685", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25685", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.x86_64", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25685", url: "https://www.suse.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25685", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.x86_64", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.x86_64", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-20T09:04:03Z", details: "important", }, ], title: "CVE-2020-25685", }, { cve: "CVE-2020-25686", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25686", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.x86_64", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25686", url: "https://www.suse.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25686", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.x86_64", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.x86_64", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-20T09:04:03Z", details: "important", }, ], title: "CVE-2020-25686", }, { cve: "CVE-2020-25687", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25687", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. This flaw allows a remote attacker, who can create valid DNS replies, to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in sort_rrset() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.x86_64", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25687", url: "https://www.suse.com/security/cve/CVE-2020-25687", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25687", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.x86_64", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-2.78-lp152.7.3.1.x86_64", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.i586", "openSUSE Leap 15.2:dnsmasq-utils-2.78-lp152.7.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-01-20T09:04:03Z", details: "important", }, ], title: "CVE-2020-25687", }, ], }
opensuse-su-2024:10721-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
dnsmasq-2.86-1.1 on GA media
Notes
Title of the patch
dnsmasq-2.86-1.1 on GA media
Description of the patch
These are all security issues fixed in the dnsmasq-2.86-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-10721
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "dnsmasq-2.86-1.1 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the dnsmasq-2.86-1.1 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2024-10721", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10721-1.json", }, { category: "self", summary: "SUSE CVE CVE-2017-14491 page", url: "https://www.suse.com/security/cve/CVE-2017-14491/", }, { category: "self", summary: "SUSE CVE CVE-2017-14492 page", url: "https://www.suse.com/security/cve/CVE-2017-14492/", }, { category: "self", summary: "SUSE CVE CVE-2017-14493 page", url: "https://www.suse.com/security/cve/CVE-2017-14493/", }, { category: "self", summary: "SUSE CVE CVE-2017-14494 page", url: "https://www.suse.com/security/cve/CVE-2017-14494/", }, { category: "self", summary: "SUSE CVE CVE-2017-14495 page", url: "https://www.suse.com/security/cve/CVE-2017-14495/", }, { category: "self", summary: "SUSE CVE CVE-2017-14496 page", url: "https://www.suse.com/security/cve/CVE-2017-14496/", }, { category: "self", summary: "SUSE CVE CVE-2017-15107 page", url: "https://www.suse.com/security/cve/CVE-2017-15107/", }, { category: "self", summary: "SUSE CVE CVE-2019-14834 page", url: "https://www.suse.com/security/cve/CVE-2019-14834/", }, { category: "self", summary: "SUSE CVE CVE-2020-25681 page", url: "https://www.suse.com/security/cve/CVE-2020-25681/", }, { category: "self", summary: "SUSE CVE CVE-2020-25683 page", url: "https://www.suse.com/security/cve/CVE-2020-25683/", }, { category: "self", summary: "SUSE CVE CVE-2020-25684 page", url: "https://www.suse.com/security/cve/CVE-2020-25684/", }, { category: "self", summary: "SUSE CVE CVE-2020-25685 page", url: "https://www.suse.com/security/cve/CVE-2020-25685/", }, { category: "self", summary: "SUSE CVE CVE-2020-25686 page", url: "https://www.suse.com/security/cve/CVE-2020-25686/", }, { category: "self", summary: "SUSE CVE CVE-2021-3448 page", url: "https://www.suse.com/security/cve/CVE-2021-3448/", }, ], title: "dnsmasq-2.86-1.1 on GA media", tracking: { current_release_date: "2024-06-15T00:00:00Z", generator: { date: "2024-06-15T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2024:10721-1", initial_release_date: "2024-06-15T00:00:00Z", revision_history: [ { date: "2024-06-15T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "dnsmasq-2.86-1.1.aarch64", product: { name: "dnsmasq-2.86-1.1.aarch64", product_id: "dnsmasq-2.86-1.1.aarch64", }, }, { category: "product_version", name: "dnsmasq-utils-2.86-1.1.aarch64", product: { name: "dnsmasq-utils-2.86-1.1.aarch64", product_id: "dnsmasq-utils-2.86-1.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "dnsmasq-2.86-1.1.ppc64le", product: { name: "dnsmasq-2.86-1.1.ppc64le", product_id: "dnsmasq-2.86-1.1.ppc64le", }, }, { category: "product_version", name: "dnsmasq-utils-2.86-1.1.ppc64le", product: { name: "dnsmasq-utils-2.86-1.1.ppc64le", product_id: "dnsmasq-utils-2.86-1.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "dnsmasq-2.86-1.1.s390x", product: { name: "dnsmasq-2.86-1.1.s390x", product_id: "dnsmasq-2.86-1.1.s390x", }, }, { category: "product_version", name: "dnsmasq-utils-2.86-1.1.s390x", product: { name: "dnsmasq-utils-2.86-1.1.s390x", product_id: "dnsmasq-utils-2.86-1.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "dnsmasq-2.86-1.1.x86_64", product: { name: "dnsmasq-2.86-1.1.x86_64", product_id: "dnsmasq-2.86-1.1.x86_64", }, }, { category: "product_version", name: "dnsmasq-utils-2.86-1.1.x86_64", product: { name: "dnsmasq-utils-2.86-1.1.x86_64", product_id: "dnsmasq-utils-2.86-1.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "dnsmasq-2.86-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", }, product_reference: "dnsmasq-2.86-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.86-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", }, product_reference: "dnsmasq-2.86-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.86-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", }, product_reference: "dnsmasq-2.86-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-2.86-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", }, product_reference: "dnsmasq-2.86-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-2.86-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", }, product_reference: "dnsmasq-utils-2.86-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-2.86-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", }, product_reference: "dnsmasq-utils-2.86-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-2.86-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", }, product_reference: "dnsmasq-utils-2.86-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "dnsmasq-utils-2.86-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", }, product_reference: "dnsmasq-utils-2.86-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2017-14491", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-14491", }, ], notes: [ { category: "general", text: "Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-14491", url: "https://www.suse.com/security/cve/CVE-2017-14491", }, { category: "external", summary: "SUSE Bug 1060354 for CVE-2017-14491", url: "https://bugzilla.suse.com/1060354", }, { category: "external", summary: "SUSE Bug 1060360 for CVE-2017-14491", url: "https://bugzilla.suse.com/1060360", }, { category: "external", summary: "SUSE Bug 1060361 for CVE-2017-14491", url: "https://bugzilla.suse.com/1060361", }, { category: "external", summary: "SUSE Bug 1060362 for CVE-2017-14491", url: "https://bugzilla.suse.com/1060362", }, { category: "external", summary: "SUSE Bug 1060364 for CVE-2017-14491", url: "https://bugzilla.suse.com/1060364", }, { category: "external", summary: "SUSE Bug 1063832 for CVE-2017-14491", url: "https://bugzilla.suse.com/1063832", }, { category: "external", summary: "SUSE Bug 1143944 for CVE-2017-14491", url: "https://bugzilla.suse.com/1143944", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-14491", }, { cve: "CVE-2017-14492", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-14492", }, ], notes: [ { category: "general", text: "Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-14492", url: "https://www.suse.com/security/cve/CVE-2017-14492", }, { category: "external", summary: "SUSE Bug 1060355 for CVE-2017-14492", url: "https://bugzilla.suse.com/1060355", }, { category: "external", summary: "SUSE Bug 1060360 for CVE-2017-14492", url: "https://bugzilla.suse.com/1060360", }, { category: "external", summary: "SUSE Bug 1060361 for CVE-2017-14492", url: "https://bugzilla.suse.com/1060361", }, { category: "external", summary: "SUSE Bug 1060362 for CVE-2017-14492", url: "https://bugzilla.suse.com/1060362", }, { category: "external", summary: "SUSE Bug 1060364 for CVE-2017-14492", url: "https://bugzilla.suse.com/1060364", }, { category: "external", summary: "SUSE Bug 1063832 for CVE-2017-14492", url: "https://bugzilla.suse.com/1063832", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-14492", }, { cve: "CVE-2017-14493", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-14493", }, ], notes: [ { category: "general", text: "Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-14493", url: "https://www.suse.com/security/cve/CVE-2017-14493", }, { category: "external", summary: "SUSE Bug 1060360 for CVE-2017-14493", url: "https://bugzilla.suse.com/1060360", }, { category: "external", summary: "SUSE Bug 1060361 for CVE-2017-14493", url: "https://bugzilla.suse.com/1060361", }, { category: "external", summary: "SUSE Bug 1060362 for CVE-2017-14493", url: "https://bugzilla.suse.com/1060362", }, { category: "external", summary: "SUSE Bug 1060364 for CVE-2017-14493", url: "https://bugzilla.suse.com/1060364", }, { category: "external", summary: "SUSE Bug 1063832 for CVE-2017-14493", url: "https://bugzilla.suse.com/1063832", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-14493", }, { cve: "CVE-2017-14494", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-14494", }, ], notes: [ { category: "general", text: "dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-14494", url: "https://www.suse.com/security/cve/CVE-2017-14494", }, { category: "external", summary: "SUSE Bug 1060360 for CVE-2017-14494", url: "https://bugzilla.suse.com/1060360", }, { category: "external", summary: "SUSE Bug 1060361 for CVE-2017-14494", url: "https://bugzilla.suse.com/1060361", }, { category: "external", summary: "SUSE Bug 1060362 for CVE-2017-14494", url: "https://bugzilla.suse.com/1060362", }, { category: "external", summary: "SUSE Bug 1060364 for CVE-2017-14494", url: "https://bugzilla.suse.com/1060364", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-14494", }, { cve: "CVE-2017-14495", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-14495", }, ], notes: [ { category: "general", text: "Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-14495", url: "https://www.suse.com/security/cve/CVE-2017-14495", }, { category: "external", summary: "SUSE Bug 1060360 for CVE-2017-14495", url: "https://bugzilla.suse.com/1060360", }, { category: "external", summary: "SUSE Bug 1060361 for CVE-2017-14495", url: "https://bugzilla.suse.com/1060361", }, { category: "external", summary: "SUSE Bug 1060362 for CVE-2017-14495", url: "https://bugzilla.suse.com/1060362", }, { category: "external", summary: "SUSE Bug 1060364 for CVE-2017-14495", url: "https://bugzilla.suse.com/1060364", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-14495", }, { cve: "CVE-2017-14496", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-14496", }, ], notes: [ { category: "general", text: "Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-14496", url: "https://www.suse.com/security/cve/CVE-2017-14496", }, { category: "external", summary: "SUSE Bug 1060360 for CVE-2017-14496", url: "https://bugzilla.suse.com/1060360", }, { category: "external", summary: "SUSE Bug 1060361 for CVE-2017-14496", url: "https://bugzilla.suse.com/1060361", }, { category: "external", summary: "SUSE Bug 1060362 for CVE-2017-14496", url: "https://bugzilla.suse.com/1060362", }, { category: "external", summary: "SUSE Bug 1060364 for CVE-2017-14496", url: "https://bugzilla.suse.com/1060364", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-14496", }, { cve: "CVE-2017-15107", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-15107", }, ], notes: [ { category: "general", text: "A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. Wildcard synthesized NSEC records could be improperly interpreted to prove the non-existence of hostnames that actually exist.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-15107", url: "https://www.suse.com/security/cve/CVE-2017-15107", }, { category: "external", summary: "SUSE Bug 1076958 for CVE-2017-15107", url: "https://bugzilla.suse.com/1076958", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-15107", }, { cve: "CVE-2019-14834", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14834", }, ], notes: [ { category: "general", text: "A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers to cause a denial of service (memory consumption) via vectors involving DHCP response creation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14834", url: "https://www.suse.com/security/cve/CVE-2019-14834", }, { category: "external", summary: "SUSE Bug 1154849 for CVE-2019-14834", url: "https://bugzilla.suse.com/1154849", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-14834", }, { cve: "CVE-2020-25681", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25681", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to cause a buffer overflow with arbitrary data in a heap memory segment, possibly executing code on the machine. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25681", url: "https://www.suse.com/security/cve/CVE-2020-25681", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25681", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-25681", }, { cve: "CVE-2020-25683", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25683", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in get_rdata() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25683", url: "https://www.suse.com/security/cve/CVE-2020-25683", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25683", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-25683", }, { cve: "CVE-2020-25684", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25684", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25684", url: "https://www.suse.com/security/cve/CVE-2020-25684", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25684", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-25684", }, { cve: "CVE-2020-25685", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25685", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25685", url: "https://www.suse.com/security/cve/CVE-2020-25685", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25685", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-25685", }, { cve: "CVE-2020-25686", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25686", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25686", url: "https://www.suse.com/security/cve/CVE-2020-25686", }, { category: "external", summary: "SUSE Bug 1177077 for CVE-2020-25686", url: "https://bugzilla.suse.com/1177077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-25686", }, { cve: "CVE-2021-3448", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3448", }, ], notes: [ { category: "general", text: "A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ID to forge a reply and get it accepted by dnsmasq. This flaw makes a DNS Cache Poisoning attack much easier. The highest threat from this vulnerability is to data integrity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3448", url: "https://www.suse.com/security/cve/CVE-2021-3448", }, { category: "external", summary: "SUSE Bug 1183709 for CVE-2021-3448", url: "https://bugzilla.suse.com/1183709", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:dnsmasq-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-2.86-1.1.x86_64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.aarch64", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.ppc64le", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.s390x", "openSUSE Tumbleweed:dnsmasq-utils-2.86-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2021-3448", }, ], }
ghsa-9xp3-mp9c-47rf
Vulnerability from github
Published
2022-05-24 17:39
Modified
2022-05-24 17:39
Details
A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the "Birthday Attacks" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.
{ affected: [], aliases: [ "CVE-2020-25686", ], database_specific: { cwe_ids: [ "CWE-358", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2021-01-20T17:15:00Z", severity: "MODERATE", }, details: "A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", id: "GHSA-9xp3-mp9c-47rf", modified: "2022-05-24T17:39:33Z", published: "2022-05-24T17:39:33Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { type: "WEB", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { type: "WEB", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QGB7HL3OWHTLEPSMLDGOMXQKG3KM2QME", }, { type: "WEB", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WYW3IR6APUSKOYKL5FT3ACTIHWHGQY32", }, { type: "WEB", url: "https://security.gentoo.org/glsa/202101-17", }, { type: "WEB", url: "https://www.arista.com/en/support/advisories-notices/security-advisories/12135-security-advisory-61", }, { type: "WEB", url: "https://www.debian.org/security/2021/dsa-4844", }, { type: "WEB", url: "https://www.jsof-tech.com/disclosures/dnspooq", }, ], schema_version: "1.4.0", severity: [], }
icsa-21-019-01
Vulnerability from csaf_cisa
Published
2021-01-19 00:00
Modified
2021-03-09 00:00
Summary
dnsmasq by Simon Kelley (Update A)
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could result in cache poisoning, remote code execution, and a denial-of-service condition.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
United Kingdom
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Recommended Practices
CISA also recommends users take the following measures to protect themselves from social engineering attacks:
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Exploitability
No known public exploits specifically target these vulnerabilities.
{ document: { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", summary: "reporting these vulnerabilities to CISA", }, ], category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited", tlp: { label: "WHITE", url: "https://us-cert.cisa.gov/tlp/", }, }, lang: "en-US", notes: [ { category: "general", text: "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", title: "CISA Disclaimer", }, { category: "legal_disclaimer", text: "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", title: "Legal Notice", }, { category: "summary", text: "Successful exploitation of these vulnerabilities could result in cache poisoning, remote code execution, and a denial-of-service condition.", title: "Risk evaluation", }, { category: "other", text: "Multiple", title: "Critical infrastructure sectors", }, { category: "other", text: "Worldwide", title: "Countries/areas deployed", }, { category: "other", text: "United Kingdom", title: "Company headquarters location", }, { category: "general", text: "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:", title: "Recommended Practices", }, { category: "general", text: "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", title: "Recommended Practices", }, { category: "general", text: "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.", title: "Recommended Practices", }, { category: "general", text: "CISA also recommends users take the following measures to protect themselves from social engineering attacks:", title: "Recommended Practices", }, { category: "general", text: "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", title: "Additional Resources", }, { category: "other", text: "No known public exploits specifically target these vulnerabilities.", title: "Exploitability", }, ], publisher: { category: "coordinator", contact_details: "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870", name: "CISA", namespace: "https://www.cisa.gov/", }, references: [ { category: "external", summary: "SSA-646763: DNSpooq - Dnsmasq Vulnerabilities in SCALANCE and RUGGEDCOM Devices - CSAF Version", url: "https://cert-portal.siemens.com/productcert/csaf/ssa-646763.json", }, { category: "self", summary: "ICS Advisory ICSA-21-019-01 JSON", url: "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-019-01.json", }, { category: "self", summary: "ICS Advisory ICSA-21-019-01 Web Version", url: "https://www.cisa.gov/news-events/ics-advisories/icsa-21-019-01", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/ncas/tips/ST04-014", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B", }, { category: "external", summary: "SSA-646763: DNSpooq - Dnsmasq Vulnerabilities in SCALANCE and RUGGEDCOM Devices - PDF Version", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-646763.pdf", }, { category: "external", summary: "SSA-646763: DNSpooq - Dnsmasq Vulnerabilities in SCALANCE and RUGGEDCOM Devices - TXT Version", url: "https://cert-portal.siemens.com/productcert/txt/ssa-646763.txt", }, ], title: "dnsmasq by Simon Kelley (Update A)", tracking: { current_release_date: "2021-03-09T00:00:00.000000Z", generator: { engine: { name: "CISA CSAF Generator", version: "1.0.0", }, }, id: "ICSA-21-019-01", initial_release_date: "2021-01-19T00:00:00.000000Z", revision_history: [ { date: "2021-01-19T00:00:00.000000Z", legacy_version: "Initial", number: "1", summary: "ICSA-21-019-01 Dnsmasq by Simon Kelley", }, { date: "2021-03-09T00:00:00.000000Z", legacy_version: "A", number: "2", summary: "ICSA-21-019-01 dnsmasq by Simon Kelley (Update A)", }, ], status: "final", version: "2", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "< V6.4", product: { name: "RUGGEDCOM RM1224", product_id: "CSAFPID-0001", }, }, ], category: "product_name", name: "RUGGEDCOM RM1224", }, { branches: [ { category: "product_version_range", name: "< V6.4", product: { name: "SCALANCE M-800", product_id: "CSAFPID-0002", }, }, ], category: "product_name", name: "SCALANCE M-800", }, { branches: [ { category: "product_version_range", name: "< V6.4", product: { name: "SCALANCE S615", product_id: "CSAFPID-0003", }, }, ], category: "product_name", name: "SCALANCE S615", }, { branches: [ { category: "product_version_range", name: "< V2.1.3", product: { name: "SCALANCE SC-600", product_id: "CSAFPID-0004", }, }, ], category: "product_name", name: "SCALANCE SC-600", }, { branches: [ { category: "product_version_range", name: "vers:all/*", product: { name: "SCALANCE W1750D", product_id: "CSAFPID-0005", }, }, ], category: "product_name", name: "SCALANCE W1750D", }, ], category: "vendor", name: "Siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2020-25684", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, notes: [ { category: "summary", text: "Affected devices lack proper address/port check in the DNS reply_query function of dnsmasq.\n\nThis could make it easier for remote off-path attackers to forge replies.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, references: [ { summary: "CVE-2020-25684 - RUGGEDCOM RM1224", url: "https://support.industry.siemens.com/cs/ww/en/view/109794349/", }, { summary: "CVE-2020-25684 - SCALANCE M-800", url: "https://support.industry.siemens.com/cs/ww/en/view/109794349/", }, { summary: "CVE-2020-25684 - SCALANCE S615", url: "https://support.industry.siemens.com/cs/ww/en/view/109794349/", }, { summary: "CVE-2020-25684 - SCALANCE SC-600", url: "https://support.industry.siemens.com/cs/ww/en/view/109793041/", }, { summary: "CVE-2020-25684 Mitre 5.0 json", url: "https://cert-portal.siemens.com/productcert/mitre/CVE-2020-25684.json", }, { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25684", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Update to V6.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109794349/", }, { category: "vendor_fix", details: "Update to V2.1.3 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109793041/", }, { category: "none_available", details: "Currently no remediation is available", product_ids: [ "CSAFPID-0005", ], }, { category: "mitigation", details: "SCALANCE M-800: Disable DNS proxy in the device configuration (System - DNS - DNS Proxy - Disable Checkbox „Enable DNS Proxy“), and configure the connected devices in the internal network to use a different DNS server. Note that the DNS proxy is enabled by default.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, { category: "mitigation", details: "RUGGEDCOM RM1224: Same as for SCALANCE M-800. Note that the DNS proxy is enabled by default.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, { category: "mitigation", details: "SCALANCE S615: Same as for SCALANCE M-800. Note that the DNS proxy is disabled by default.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, { category: "mitigation", details: "SCALANCE SC-600: Same as for SCALANCE M-800. Note that the DNS proxy is disabled by default.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, { category: "mitigation", details: "SCALANCE W1750D: If “OpenDNS”, “Captive Portal” or “URL redirection” functionality is not used, deploy firewall rules in the device configuration to block incoming access to port 53/UDP", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N/E:P/RL:U/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, ], title: "CVE-2020-25684", }, { cve: "CVE-2020-25685", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, notes: [ { category: "summary", text: "Affected devices lack query resource name (RRNAME) checks in the DNS reply_query function of dnsmasq.\n\nThis could allow a remote attacker to spoof DNS traffic that can lead to DNS cache poisoning.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, references: [ { summary: "CVE-2020-25685 - RUGGEDCOM RM1224", url: "https://support.industry.siemens.com/cs/ww/en/view/109794349/", }, { summary: "CVE-2020-25685 - SCALANCE M-800", url: "https://support.industry.siemens.com/cs/ww/en/view/109794349/", }, { summary: "CVE-2020-25685 - SCALANCE S615", url: "https://support.industry.siemens.com/cs/ww/en/view/109794349/", }, { summary: "CVE-2020-25685 - SCALANCE SC-600", url: "https://support.industry.siemens.com/cs/ww/en/view/109793041/", }, { summary: "CVE-2020-25685 Mitre 5.0 json", url: "https://cert-portal.siemens.com/productcert/mitre/CVE-2020-25685.json", }, { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25685", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Update to V6.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109794349/", }, { category: "vendor_fix", details: "Update to V2.1.3 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109793041/", }, { category: "none_available", details: "Currently no remediation is available", product_ids: [ "CSAFPID-0005", ], }, { category: "mitigation", details: "SCALANCE M-800: Disable DNS proxy in the device configuration (System - DNS - DNS Proxy - Disable Checkbox „Enable DNS Proxy“), and configure the connected devices in the internal network to use a different DNS server. Note that the DNS proxy is enabled by default.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, { category: "mitigation", details: "RUGGEDCOM RM1224: Same as for SCALANCE M-800. Note that the DNS proxy is enabled by default.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, { category: "mitigation", details: "SCALANCE S615: Same as for SCALANCE M-800. Note that the DNS proxy is disabled by default.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, { category: "mitigation", details: "SCALANCE SC-600: Same as for SCALANCE M-800. Note that the DNS proxy is disabled by default.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, { category: "mitigation", details: "SCALANCE W1750D: If “OpenDNS”, “Captive Portal” or “URL redirection” functionality is not used, deploy firewall rules in the device configuration to block incoming access to port 53/UDP", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N/E:P/RL:U/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, ], title: "CVE-2020-25685", }, { cve: "CVE-2020-25686", cwe: { id: "CWE-330", name: "Use of Insufficiently Random Values", }, notes: [ { category: "summary", text: "Affected devices lack sufficient entropy in dnsmasq to handle multiple DNS query requests from the same resource name (RRNAME).\n\nThis could allow a remote attacker to spoof DNS traffic, using a birthday attack (RFC 5452), than can lead to DNS cache poisoning.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, references: [ { summary: "CVE-2020-25686 - RUGGEDCOM RM1224", url: "https://support.industry.siemens.com/cs/ww/en/view/109794349/", }, { summary: "CVE-2020-25686 - SCALANCE M-800", url: "https://support.industry.siemens.com/cs/ww/en/view/109794349/", }, { summary: "CVE-2020-25686 - SCALANCE S615", url: "https://support.industry.siemens.com/cs/ww/en/view/109794349/", }, { summary: "CVE-2020-25686 - SCALANCE SC-600", url: "https://support.industry.siemens.com/cs/ww/en/view/109793041/", }, { summary: "CVE-2020-25686 Mitre 5.0 json", url: "https://cert-portal.siemens.com/productcert/mitre/CVE-2020-25686.json", }, { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25686", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Update to V6.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109794349/", }, { category: "vendor_fix", details: "Update to V2.1.3 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109793041/", }, { category: "none_available", details: "Currently no remediation is available", product_ids: [ "CSAFPID-0005", ], }, { category: "mitigation", details: "SCALANCE M-800: Disable DNS proxy in the device configuration (System - DNS - DNS Proxy - Disable Checkbox „Enable DNS Proxy“), and configure the connected devices in the internal network to use a different DNS server. Note that the DNS proxy is enabled by default.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, { category: "mitigation", details: "RUGGEDCOM RM1224: Same as for SCALANCE M-800. Note that the DNS proxy is enabled by default.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, { category: "mitigation", details: "SCALANCE S615: Same as for SCALANCE M-800. Note that the DNS proxy is disabled by default.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, { category: "mitigation", details: "SCALANCE SC-600: Same as for SCALANCE M-800. Note that the DNS proxy is disabled by default.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, { category: "mitigation", details: "SCALANCE W1750D: If “OpenDNS”, “Captive Portal” or “URL redirection” functionality is not used, deploy firewall rules in the device configuration to block incoming access to port 53/UDP", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N/E:P/RL:U/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, ], title: "CVE-2020-25686", }, ], }
ICSA-21-019-01
Vulnerability from csaf_cisa
Published
2021-01-19 00:00
Modified
2021-03-09 00:00
Summary
dnsmasq by Simon Kelley (Update A)
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could result in cache poisoning, remote code execution, and a denial-of-service condition.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
United Kingdom
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Recommended Practices
CISA also recommends users take the following measures to protect themselves from social engineering attacks:
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Exploitability
No known public exploits specifically target these vulnerabilities.
{ document: { acknowledgments: [ { names: [ "Moshe Kol", "Shlomi Oberman", ], organization: "JSOF", summary: "reporting these vulnerabilities to CISA", }, ], category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited", tlp: { label: "WHITE", url: "https://us-cert.cisa.gov/tlp/", }, }, lang: "en-US", notes: [ { category: "general", text: "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", title: "CISA Disclaimer", }, { category: "legal_disclaimer", text: "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", title: "Legal Notice", }, { category: "summary", text: "Successful exploitation of these vulnerabilities could result in cache poisoning, remote code execution, and a denial-of-service condition.", title: "Risk evaluation", }, { category: "other", text: "Multiple", title: "Critical infrastructure sectors", }, { category: "other", text: "Worldwide", title: "Countries/areas deployed", }, { category: "other", text: "United Kingdom", title: "Company headquarters location", }, { category: "general", text: "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:", title: "Recommended Practices", }, { category: "general", text: "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", title: "Recommended Practices", }, { category: "general", text: "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.", title: "Recommended Practices", }, { category: "general", text: "CISA also recommends users take the following measures to protect themselves from social engineering attacks:", title: "Recommended Practices", }, { category: "general", text: "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", title: "Additional Resources", }, { category: "other", text: "No known public exploits specifically target these vulnerabilities.", title: "Exploitability", }, ], publisher: { category: "coordinator", contact_details: "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870", name: "CISA", namespace: "https://www.cisa.gov/", }, references: [ { category: "external", summary: "SSA-646763: DNSpooq - Dnsmasq Vulnerabilities in SCALANCE and RUGGEDCOM Devices - CSAF Version", url: "https://cert-portal.siemens.com/productcert/csaf/ssa-646763.json", }, { category: "self", summary: "ICS Advisory ICSA-21-019-01 JSON", url: "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-019-01.json", }, { category: "self", summary: "ICS Advisory ICSA-21-019-01 Web Version", url: "https://www.cisa.gov/news-events/ics-advisories/icsa-21-019-01", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/ncas/tips/ST04-014", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B", }, { category: "external", summary: "SSA-646763: DNSpooq - Dnsmasq Vulnerabilities in SCALANCE and RUGGEDCOM Devices - PDF Version", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-646763.pdf", }, { category: "external", summary: "SSA-646763: DNSpooq - Dnsmasq Vulnerabilities in SCALANCE and RUGGEDCOM Devices - TXT Version", url: "https://cert-portal.siemens.com/productcert/txt/ssa-646763.txt", }, ], title: "dnsmasq by Simon Kelley (Update A)", tracking: { current_release_date: "2021-03-09T00:00:00.000000Z", generator: { engine: { name: "CISA CSAF Generator", version: "1.0.0", }, }, id: "ICSA-21-019-01", initial_release_date: "2021-01-19T00:00:00.000000Z", revision_history: [ { date: "2021-01-19T00:00:00.000000Z", legacy_version: "Initial", number: "1", summary: "ICSA-21-019-01 Dnsmasq by Simon Kelley", }, { date: "2021-03-09T00:00:00.000000Z", legacy_version: "A", number: "2", summary: "ICSA-21-019-01 dnsmasq by Simon Kelley (Update A)", }, ], status: "final", version: "2", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "< V6.4", product: { name: "RUGGEDCOM RM1224", product_id: "CSAFPID-0001", }, }, ], category: "product_name", name: "RUGGEDCOM RM1224", }, { branches: [ { category: "product_version_range", name: "< V6.4", product: { name: "SCALANCE M-800", product_id: "CSAFPID-0002", }, }, ], category: "product_name", name: "SCALANCE M-800", }, { branches: [ { category: "product_version_range", name: "< V6.4", product: { name: "SCALANCE S615", product_id: "CSAFPID-0003", }, }, ], category: "product_name", name: "SCALANCE S615", }, { branches: [ { category: "product_version_range", name: "< V2.1.3", product: { name: "SCALANCE SC-600", product_id: "CSAFPID-0004", }, }, ], category: "product_name", name: "SCALANCE SC-600", }, { branches: [ { category: "product_version_range", name: "vers:all/*", product: { name: "SCALANCE W1750D", product_id: "CSAFPID-0005", }, }, ], category: "product_name", name: "SCALANCE W1750D", }, ], category: "vendor", name: "Siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2020-25684", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, notes: [ { category: "summary", text: "Affected devices lack proper address/port check in the DNS reply_query function of dnsmasq.\n\nThis could make it easier for remote off-path attackers to forge replies.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, references: [ { summary: "CVE-2020-25684 - RUGGEDCOM RM1224", url: "https://support.industry.siemens.com/cs/ww/en/view/109794349/", }, { summary: "CVE-2020-25684 - SCALANCE M-800", url: "https://support.industry.siemens.com/cs/ww/en/view/109794349/", }, { summary: "CVE-2020-25684 - SCALANCE S615", url: "https://support.industry.siemens.com/cs/ww/en/view/109794349/", }, { summary: "CVE-2020-25684 - SCALANCE SC-600", url: "https://support.industry.siemens.com/cs/ww/en/view/109793041/", }, { summary: "CVE-2020-25684 Mitre 5.0 json", url: "https://cert-portal.siemens.com/productcert/mitre/CVE-2020-25684.json", }, { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25684", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Update to V6.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109794349/", }, { category: "vendor_fix", details: "Update to V2.1.3 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109793041/", }, { category: "none_available", details: "Currently no remediation is available", product_ids: [ "CSAFPID-0005", ], }, { category: "mitigation", details: "SCALANCE M-800: Disable DNS proxy in the device configuration (System - DNS - DNS Proxy - Disable Checkbox „Enable DNS Proxy“), and configure the connected devices in the internal network to use a different DNS server. Note that the DNS proxy is enabled by default.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, { category: "mitigation", details: "RUGGEDCOM RM1224: Same as for SCALANCE M-800. Note that the DNS proxy is enabled by default.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, { category: "mitigation", details: "SCALANCE S615: Same as for SCALANCE M-800. Note that the DNS proxy is disabled by default.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, { category: "mitigation", details: "SCALANCE SC-600: Same as for SCALANCE M-800. Note that the DNS proxy is disabled by default.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, { category: "mitigation", details: "SCALANCE W1750D: If “OpenDNS”, “Captive Portal” or “URL redirection” functionality is not used, deploy firewall rules in the device configuration to block incoming access to port 53/UDP", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N/E:P/RL:U/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, ], title: "CVE-2020-25684", }, { cve: "CVE-2020-25685", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, notes: [ { category: "summary", text: "Affected devices lack query resource name (RRNAME) checks in the DNS reply_query function of dnsmasq.\n\nThis could allow a remote attacker to spoof DNS traffic that can lead to DNS cache poisoning.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, references: [ { summary: "CVE-2020-25685 - RUGGEDCOM RM1224", url: "https://support.industry.siemens.com/cs/ww/en/view/109794349/", }, { summary: "CVE-2020-25685 - SCALANCE M-800", url: "https://support.industry.siemens.com/cs/ww/en/view/109794349/", }, { summary: "CVE-2020-25685 - SCALANCE S615", url: "https://support.industry.siemens.com/cs/ww/en/view/109794349/", }, { summary: "CVE-2020-25685 - SCALANCE SC-600", url: "https://support.industry.siemens.com/cs/ww/en/view/109793041/", }, { summary: "CVE-2020-25685 Mitre 5.0 json", url: "https://cert-portal.siemens.com/productcert/mitre/CVE-2020-25685.json", }, { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25685", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Update to V6.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109794349/", }, { category: "vendor_fix", details: "Update to V2.1.3 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109793041/", }, { category: "none_available", details: "Currently no remediation is available", product_ids: [ "CSAFPID-0005", ], }, { category: "mitigation", details: "SCALANCE M-800: Disable DNS proxy in the device configuration (System - DNS - DNS Proxy - Disable Checkbox „Enable DNS Proxy“), and configure the connected devices in the internal network to use a different DNS server. Note that the DNS proxy is enabled by default.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, { category: "mitigation", details: "RUGGEDCOM RM1224: Same as for SCALANCE M-800. Note that the DNS proxy is enabled by default.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, { category: "mitigation", details: "SCALANCE S615: Same as for SCALANCE M-800. Note that the DNS proxy is disabled by default.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, { category: "mitigation", details: "SCALANCE SC-600: Same as for SCALANCE M-800. Note that the DNS proxy is disabled by default.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, { category: "mitigation", details: "SCALANCE W1750D: If “OpenDNS”, “Captive Portal” or “URL redirection” functionality is not used, deploy firewall rules in the device configuration to block incoming access to port 53/UDP", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N/E:P/RL:U/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, ], title: "CVE-2020-25685", }, { cve: "CVE-2020-25686", cwe: { id: "CWE-330", name: "Use of Insufficiently Random Values", }, notes: [ { category: "summary", text: "Affected devices lack sufficient entropy in dnsmasq to handle multiple DNS query requests from the same resource name (RRNAME).\n\nThis could allow a remote attacker to spoof DNS traffic, using a birthday attack (RFC 5452), than can lead to DNS cache poisoning.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, references: [ { summary: "CVE-2020-25686 - RUGGEDCOM RM1224", url: "https://support.industry.siemens.com/cs/ww/en/view/109794349/", }, { summary: "CVE-2020-25686 - SCALANCE M-800", url: "https://support.industry.siemens.com/cs/ww/en/view/109794349/", }, { summary: "CVE-2020-25686 - SCALANCE S615", url: "https://support.industry.siemens.com/cs/ww/en/view/109794349/", }, { summary: "CVE-2020-25686 - SCALANCE SC-600", url: "https://support.industry.siemens.com/cs/ww/en/view/109793041/", }, { summary: "CVE-2020-25686 Mitre 5.0 json", url: "https://cert-portal.siemens.com/productcert/mitre/CVE-2020-25686.json", }, { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25686", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Update to V6.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109794349/", }, { category: "vendor_fix", details: "Update to V2.1.3 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109793041/", }, { category: "none_available", details: "Currently no remediation is available", product_ids: [ "CSAFPID-0005", ], }, { category: "mitigation", details: "SCALANCE M-800: Disable DNS proxy in the device configuration (System - DNS - DNS Proxy - Disable Checkbox „Enable DNS Proxy“), and configure the connected devices in the internal network to use a different DNS server. Note that the DNS proxy is enabled by default.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, { category: "mitigation", details: "RUGGEDCOM RM1224: Same as for SCALANCE M-800. Note that the DNS proxy is enabled by default.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, { category: "mitigation", details: "SCALANCE S615: Same as for SCALANCE M-800. Note that the DNS proxy is disabled by default.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, { category: "mitigation", details: "SCALANCE SC-600: Same as for SCALANCE M-800. Note that the DNS proxy is disabled by default.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, { category: "mitigation", details: "SCALANCE W1750D: If “OpenDNS”, “Captive Portal” or “URL redirection” functionality is not used, deploy firewall rules in the device configuration to block incoming access to port 53/UDP", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N/E:P/RL:U/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", ], }, ], title: "CVE-2020-25686", }, ], }
var-202101-0222
Vulnerability from variot
A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the "Birthday Attacks" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity. dnsmasq Contains a spoofing authentication evasion vulnerability.Information may be tampered with. Dnsmasq is a lightweight DNS forwarding and DHCP and TFTP server written in C language.
Dnsmasq has a security feature vulnerability. The vulnerability stems from not checking existing pending requests with the same name and forwarding a new request, allowing an attacker to perform a "birthday attack" scenario to forge a response and possibly destroy the DNS cache. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an malicious user to perform a DNS Cache Poisoning attack. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. (CVE-2020-25686).
For the stable distribution (buster), these problems have been fixed in version 2.80-1+deb10u1.
For the detailed security status of dnsmasq please refer to its security tracker page at: https://security-tracker.debian.org/tracker/dnsmasq
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQEzBAEBCgAdFiEEAqSkbVtrXP4xJMh3EL6Jg/PVnWQFAmAZVA4ACgkQEL6Jg/PV nWQYKAgAgVwonRAgXSliaFh0n44OPOz9wf4KibG7otcnAx4V4XqFAeXsHd/hIX/K IC313F3I+8WzvjKBhvt2KnGG9SnoTnq4roBIa1nz//vNX0hyfDm5xPlxQOExzC+c YS8kGt++SvC2wgOsrZEjyk0ecKqDJmZSwW31zXG9/2kTzCbKjuDp+i4TTADqabPC AgbmEGVKBR2Fk7K9Prct27oWoj7LHMaH+Ttb8uQGnG7OgJs9KyRI+2qIu+VaRCGf yfRj+XayPYHV1Amf5dLIKcLMMp/FnkNFoO2YIAZkWVPjXD2uPKUykJJ1GRl8R+0q qtNhPTNNuD6WnYzC8yP0KIQ2tsbg9Q== =j5Ka -----END PGP SIGNATURE----- . Relevant releases/architectures:
RHEL 8-based RHEV-H for RHEV 4 (build requirements) - noarch, x86_64 Red Hat Virtualization 4 Hypervisor for RHEL 8 - noarch, x86_64 Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts - noarch
- Description:
The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.
Security Fix(es):
-
sudo: Heap buffer overflow in argument parsing (CVE-2021-3156)
-
dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
-
dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
-
dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- Previously, the Red Hat Virtualization Host (RHV-H) repository (rhvh-4-for-rhel-8-x86_64-rpms) did not include the libsmbclient package, which is a dependency for the sssd-ad package. Consequently, the sssd-ad package failed to install.
With this update, the libsmbclient is now in the RHV-H repository, and sssd-ad now installs on RHV-H. (BZ#1868967)
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/2974891
After installing this update, the smb service will be restarted automatically. Bugs fixed (https://bugzilla.redhat.com/):
1850939 - Hosted engine deployment does not properly show iSCSI LUN errors 1868967 - sssd-ad installation fails on RHV-H 4.4 due to missing libsmbclient from samba package in rhvh-4-for-rhel-8-x86_64-rpms channel 1889686 - CVE-2020-25684 dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker 1889688 - CVE-2020-25685 dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker 1890125 - CVE-2020-25686 dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker 1902315 - Rebase RHV-H 4.4 to RHV 4.4.4 1902646 - ssh connection fails due to overly permissive openssh.config file permissions 1909644 - HE deploy failed with "Failed to download metadata for repo 'rhel-8-for-x86_64-baseos-beta-rpms': Cannot download repomd.xml 1917684 - CVE-2021-3156 sudo: Heap buffer overflow in argument parsing 1921553 - RHVH upgrade to the latest 4.4.4-1 build will fail due to FileNotFoundError 1923126 - Hosted Engine setup fails on storage selection - Retrieval of iSCSI targets failed. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
-
7.2) - x86_64
-
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Important: OpenShift Container Platform 4.4.33 bug fix and security update Advisory ID: RHSA-2021:0281-01 Product: Red Hat OpenShift Enterprise Advisory URL: https://access.redhat.com/errata/RHSA-2021:0281 Issue date: 2021-02-03 CVE Names: CVE-2020-2304 CVE-2020-2305 CVE-2020-8559 CVE-2020-8564 CVE-2020-14382 CVE-2020-25681 CVE-2020-25682 CVE-2020-25683 CVE-2020-25684 CVE-2020-25685 CVE-2020-25686 CVE-2020-25687 CVE-2020-25694 CVE-2020-25696 CVE-2021-20182 =====================================================================
- Summary:
Red Hat OpenShift Container Platform release 4.4.33 is now available with updates to packages and images that fix several bugs and add enhancements.
This release also includes a security update for Red Hat OpenShift Container Platform 4.4.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Description:
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
Security Fix(es):
-
openshift: builder allows read and write of block devices (CVE-2021-20182)
-
kubernetes: Compromised node could escalate to cluster level privileges (CVE-2020-8559)
-
kubernetes: Docker config secrets leaked when file is malformed and loglevel >= 4 (CVE-2020-8564)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
This advisory contains the container images for Red Hat OpenShift Container Platform 4.4.33. See the following advisory for the RPM packages for this release:
https://access.redhat.com/errata/RHSA-2021:0282
Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:
https://docs.openshift.com/container-platform/4.4/release_notes/ocp-4-4-rel ease-notes.html
This update fixes the following bugs among others:
-
Previously, there were broken connections to the API server that caused nodes to remain in the NotReady state. Detecting a broken network connection could take up to 15 minutes, during which the platform would remain unavailable. This is now fixed by setting the TCP_USER_TIMEOUT socket option, which controls how long transmitted data can be unacknowledged before the connection is forcefully closed. (BZ#1907939)
-
Previously, the quota controllers only worked on resources retrieved from the discovery endpoint, which might contain only a fraction of all resources due to a network error. This is now fixed by having the quota controllers periodically resync when new resources are observed from the discovery endpoint. (BZ#1910096)
-
Previously, the kuryr-controller was comparing security groups related to network policies incorrectly. This caused security rules related to a network policy to be recreated on every minor update of that network policy. This bug has been fixed, allowing network policy updates that already have existing rules to be preserved; network policy additions or deletions are performed, if needed. (BZ#1910221)
You may download the oc tool and use it to inspect release image metadata as follows:
(For x86_64 architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.4.33-x86_64
The image digest is sha256:a035dddd8a5e5c99484138951ef4aba021799b77eb9046f683a5466c23717738
(For s390x architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.4.33-s390x
The image digest is sha256:ecc1e5aaf8496dd60a7703562fd6c65541172a56ae9008fce6db5d55e43371dc
(For ppc64le architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.4.33-ppc64le
The image digest is sha256:567bf8031c80b08e3e56a57e1c8e5b0b01a2f922e01b36ee333f6ab5bff95495
All OpenShift Container Platform 4.4 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.4/updating/updating-cluster - -between-minor.html#understanding-upgrade-channels_updating-cluster-between - -minor.
- Solution:
For OpenShift Container Platform 4.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.4/release_notes/ocp-4-4-rel ease-notes.html
Details on how to access this content are available at https://docs.openshift.com/container-platform/4.4/updating/updating-cluster - -cli.html.
- Bugs fixed (https://bugzilla.redhat.com/):
1848516 - [4.4] Unresponsive OpenShift 4.4 cluster on Azure (UPI) 1851422 - CVE-2020-8559 kubernetes: compromised node could escalate to cluster level privileges 1886637 - CVE-2020-8564 kubernetes: Docker config secrets leaked when file is malformed and loglevel >= 4 1895332 - NP CRD unable to be patched because of missing sg rule ID 1897546 - Backup taken on one master cannot be restored on other masters 1900727 - Using shareProcessNamespace with default pod image leaves unreaped processes 1904413 - (release 4.4) Hostsubnet gatherer produces wrong output 1905891 - genericapiserver library must wait for server.Shutdown 1906484 - Etcd container leaves grep and lsof zombie processes 1907939 - Nodes goes into NotReady state (VMware) 1910096 - [release-4.4] The quota controllers should resync on new resources and make progress 1910221 - kuryr tempest plugin test test_ipblock_network_policy_sg_rules fails 1915110 - CVE-2021-20182 openshift: builder allows read and write of block devices 1916952 - OperatorExited, Pending marketplace-operator-... pod for several weeks 1917416 - e2e: should be able to pull image from docker hub is failing permanently 1918609 - ARO/Azure: excessive pod memory allocation causes node lockup 1918974 - [sig-devex][Feature:ImageEcosystem][Slow] openshift images should be SCL enabled returning s2i usage when running the image
- References:
https://access.redhat.com/security/cve/CVE-2020-2304 https://access.redhat.com/security/cve/CVE-2020-2305 https://access.redhat.com/security/cve/CVE-2020-8559 https://access.redhat.com/security/cve/CVE-2020-8564 https://access.redhat.com/security/cve/CVE-2020-14382 https://access.redhat.com/security/cve/CVE-2020-25681 https://access.redhat.com/security/cve/CVE-2020-25682 https://access.redhat.com/security/cve/CVE-2020-25683 https://access.redhat.com/security/cve/CVE-2020-25684 https://access.redhat.com/security/cve/CVE-2020-25685 https://access.redhat.com/security/cve/CVE-2020-25686 https://access.redhat.com/security/cve/CVE-2020-25687 https://access.redhat.com/security/cve/CVE-2020-25694 https://access.redhat.com/security/cve/CVE-2020-25696 https://access.redhat.com/security/cve/CVE-2021-20182 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYBp6w9zjgjWX9erEAQg0JhAAhv2R8jAKUz7A/RTezDOJQiDcQ1do+jV2 PD59ab0pCrWCA70gAh7mdZnaniKQGeBL1qh/lOYV0GPOpsGZjTG9ylVOg2TOEnjD /WMOnHMehWoyZR6Ys0SNQFkdf0bkvLE33r5qEcd+l/cElaqxSH4b1gG2jU9FUOK8 fAG9tmWvfbSXgGcpND5guS/jVuL8dQOyC1ktQnXdfkMvZLDOlwBotGbxTi/adzUS 6YzikRCBzoZMZC13+ZtiznfIQeq8lKlZ3+0O2lXi5KTiSqby7HmIrawUwtiHUnzJ 9VUs8zIcA/ynr3h5POhvpg0XgioUsjJ+2U0r8EP+rYtJ4lcrT68vhAzkCysMg/y4 znQ+y5M4uoxXycB92kFrMA1og8jfJCuh5y50duo9OhOe2D75Em0XnhwGoEJrDe3z jefvSwBb9WNG+jagrX69aaBrq36qhfutaI0SU7FNhoHL4Ev50zByBXSFJzQR3b59 fh0YdzC1VTCE/LKBhELpuW7VOk4MDEs5AQAiIXv3QxKKmnyLJwnQUMwSdZiQef2X z5p8crPmGEwdZ10cDgmFH7mOb2F2utFy1FzuDh+h5lXhAmCfgggiHp5fADd43h47 EAtIwmu3VurOIkvMaqQTwL5SjVAajd26KVAa09Pb6TdWAhN/jFFRvjKJMm7523Mo mafFnOJZH7k= =9sMW -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
Bug Fix(es):
- When performing an upgrade of the Red Hat Virtualization Host using the
command
yum update, the yum repository for RHV 4.3 EUS is unreachable
As a workaround, run the following command:
# yum update --releasever=7Server (BZ#1899378)
- ========================================================================== Ubuntu Security Notice USN-4698-1 January 19, 2021
dnsmasq vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in Dnsmasq.
Software Description: - dnsmasq: Small caching DNS proxy and DHCP/TFTP server
Details:
Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled memory when sorting RRsets. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-25681, CVE-2020-25687)
Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled extracting certain names. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-25682, CVE-2020-25683)
Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly implemented address/port checks. (CVE-2020-25684)
Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly implemented query resource name checks. (CVE-2020-25685)
Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled multiple query requests for the same resource name. (CVE-2020-25686)
It was discovered that Dnsmasq incorrectly handled memory during DHCP response creation. A remote attacker could possibly use this issue to cause Dnsmasq to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2019-14834)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 20.10: dnsmasq 2.82-1ubuntu1.1 dnsmasq-base 2.82-1ubuntu1.1 dnsmasq-utils 2.82-1ubuntu1.1
Ubuntu 20.04 LTS: dnsmasq 2.80-1.1ubuntu1.2 dnsmasq-base 2.80-1.1ubuntu1.2 dnsmasq-utils 2.80-1.1ubuntu1.2
Ubuntu 18.04 LTS: dnsmasq 2.79-1ubuntu0.2 dnsmasq-base 2.79-1ubuntu0.2 dnsmasq-utils 2.79-1ubuntu0.2
Ubuntu 16.04 LTS: dnsmasq 2.75-1ubuntu0.16.04.7 dnsmasq-base 2.75-1ubuntu0.16.04.7 dnsmasq-utils 2.75-1ubuntu0.16.04.7
After a standard system update you need to reboot your computer to make all the necessary changes
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202101-0222", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "fedora", scope: "eq", trust: 1, vendor: "fedoraproject", version: "33", }, { model: "eos", scope: "lt", trust: 1, vendor: "arista", version: "4.24.5m", }, { model: "eos", scope: "gte", trust: 1, vendor: "arista", version: "4.22", }, { model: "eos", scope: "gte", trust: 1, vendor: "arista", version: "4.21", }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "10.0", }, { model: "eos", scope: "lt", trust: 1, vendor: "arista", version: "4.23.7m", }, { model: "eos", scope: "lt", trust: 1, vendor: "arista", version: "4.25.2f", }, { model: "eos", scope: "gte", trust: 1, vendor: "arista", version: "4.23", }, { model: "eos", scope: "lt", trust: 1, vendor: "arista", version: "4.22.9m", }, { model: "fedora", scope: "eq", trust: 1, vendor: "fedoraproject", version: "32", }, { model: "eos", scope: "gte", trust: 1, vendor: "arista", version: "4.24", }, { model: "eos", scope: "lt", trust: 1, vendor: "arista", version: "4.21.14m", }, { model: "eos", scope: "gte", trust: 1, vendor: "arista", version: "4.25", }, { model: "dnsmasq", scope: "lt", trust: 1, vendor: "thekelleys", version: "2.83", }, { model: "fedora", scope: null, trust: 0.8, vendor: "fedora", version: null, }, { model: "dnsmasq", scope: null, trust: 0.8, vendor: "thekelleys", version: null, }, { model: "gnu/linux", scope: null, trust: 0.8, vendor: "debian", version: null, }, { model: "dnsmasq", scope: "eq", trust: 0.6, vendor: "dnsmasq", version: "2.83", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-16429", }, { db: "JVNDB", id: "JVNDB-2020-015596", }, { db: "NVD", id: "CVE-2020-25686", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Ubuntu", sources: [ { db: "PACKETSTORM", id: "161010", }, { db: "CNNVD", id: "CNNVD-202101-1567", }, ], trust: 0.7, }, cve: "CVE-2020-25686", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "CVE-2020-25686", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 1.9, vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "CNVD-2021-16429", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "HIGH", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 3.7, baseSeverity: "LOW", confidentialityImpact: "NONE", exploitabilityScore: 2.2, id: "CVE-2020-25686", impactScore: 1.4, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, { attackComplexity: "High", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 3.7, baseSeverity: "Low", confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2020-25686", impactScore: null, integrityImpact: "Low", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-25686", trust: 1, value: "LOW", }, { author: "NVD", id: "CVE-2020-25686", trust: 0.8, value: "Low", }, { author: "CNVD", id: "CNVD-2021-16429", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202101-1567", trust: 0.6, value: "LOW", }, { author: "VULMON", id: "CVE-2020-25686", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2021-16429", }, { db: "VULMON", id: "CVE-2020-25686", }, { db: "JVNDB", id: "JVNDB-2020-015596", }, { db: "CNNVD", id: "CNNVD-202101-1567", }, { db: "NVD", id: "CVE-2020-25686", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity. dnsmasq Contains a spoofing authentication evasion vulnerability.Information may be tampered with. Dnsmasq is a lightweight DNS forwarding and DHCP and TFTP server written in C language. \n\r\n\r\nDnsmasq has a security feature vulnerability. The vulnerability stems from not checking existing pending requests with the same name and forwarding a new request, allowing an attacker to perform a \"birthday attack\" scenario to forge a response and possibly destroy the DNS cache. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an malicious user to perform a DNS Cache Poisoning attack. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. (CVE-2020-25686). \n\nFor the stable distribution (buster), these problems have been fixed in\nversion 2.80-1+deb10u1. \n\nFor the detailed security status of dnsmasq please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/dnsmasq\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQEzBAEBCgAdFiEEAqSkbVtrXP4xJMh3EL6Jg/PVnWQFAmAZVA4ACgkQEL6Jg/PV\nnWQYKAgAgVwonRAgXSliaFh0n44OPOz9wf4KibG7otcnAx4V4XqFAeXsHd/hIX/K\nIC313F3I+8WzvjKBhvt2KnGG9SnoTnq4roBIa1nz//vNX0hyfDm5xPlxQOExzC+c\nYS8kGt++SvC2wgOsrZEjyk0ecKqDJmZSwW31zXG9/2kTzCbKjuDp+i4TTADqabPC\nAgbmEGVKBR2Fk7K9Prct27oWoj7LHMaH+Ttb8uQGnG7OgJs9KyRI+2qIu+VaRCGf\nyfRj+XayPYHV1Amf5dLIKcLMMp/FnkNFoO2YIAZkWVPjXD2uPKUykJJ1GRl8R+0q\nqtNhPTNNuD6WnYzC8yP0KIQ2tsbg9Q==\n=j5Ka\n-----END PGP SIGNATURE-----\n. Relevant releases/architectures:\n\nRHEL 8-based RHEV-H for RHEV 4 (build requirements) - noarch, x86_64\nRed Hat Virtualization 4 Hypervisor for RHEL 8 - noarch, x86_64\nRed Hat Virtualization 4 Management Agent for RHEL 7 Hosts - noarch\n\n3. Description:\n\nThe redhat-virtualization-host packages provide the Red Hat Virtualization\nHost. These packages include redhat-release-virtualization-host,\novirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are\ninstalled using a special build of Red Hat Enterprise Linux with only the\npackages required to host virtual machines. RHVH features a Cockpit user\ninterface for monitoring the host's resources and performing administrative\ntasks. \n\nSecurity Fix(es):\n\n* sudo: Heap buffer overflow in argument parsing (CVE-2021-3156)\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies\neasier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies\neasier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging\nreplies easier for an off-path attacker (CVE-2020-25686)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nBug Fix(es):\n\n* Previously, the Red Hat Virtualization Host (RHV-H) repository\n(rhvh-4-for-rhel-8-x86_64-rpms) did not include the libsmbclient package,\nwhich is a dependency for the sssd-ad package. Consequently, the sssd-ad\npackage failed to install. \n\nWith this update, the libsmbclient is now in the RHV-H repository, and\nsssd-ad now installs on RHV-H. (BZ#1868967)\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891\n\nAfter installing this update, the smb service will be restarted\nautomatically. Bugs fixed (https://bugzilla.redhat.com/):\n\n1850939 - Hosted engine deployment does not properly show iSCSI LUN errors\n1868967 - sssd-ad installation fails on RHV-H 4.4 due to missing libsmbclient from samba package in rhvh-4-for-rhel-8-x86_64-rpms channel\n1889686 - CVE-2020-25684 dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker\n1889688 - CVE-2020-25685 dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker\n1890125 - CVE-2020-25686 dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker\n1902315 - Rebase RHV-H 4.4 to RHV 4.4.4\n1902646 - ssh connection fails due to overly permissive openssh.config file permissions\n1909644 - HE deploy failed with \"Failed to download metadata for repo 'rhel-8-for-x86_64-baseos-beta-rpms': Cannot download repomd.xml\n1917684 - CVE-2021-3156 sudo: Heap buffer overflow in argument parsing\n1921553 - RHVH upgrade to the latest 4.4.4-1 build will fail due to FileNotFoundError\n1923126 - Hosted Engine setup fails on storage selection - Retrieval of iSCSI targets failed. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. 7.2) - x86_64\n\n3. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: OpenShift Container Platform 4.4.33 bug fix and security update\nAdvisory ID: RHSA-2021:0281-01\nProduct: Red Hat OpenShift Enterprise\nAdvisory URL: https://access.redhat.com/errata/RHSA-2021:0281\nIssue date: 2021-02-03\nCVE Names: CVE-2020-2304 CVE-2020-2305 CVE-2020-8559 \n CVE-2020-8564 CVE-2020-14382 CVE-2020-25681 \n CVE-2020-25682 CVE-2020-25683 CVE-2020-25684 \n CVE-2020-25685 CVE-2020-25686 CVE-2020-25687 \n CVE-2020-25694 CVE-2020-25696 CVE-2021-20182 \n=====================================================================\n\n1. Summary:\n\nRed Hat OpenShift Container Platform release 4.4.33 is now available with\nupdates to packages and images that fix several bugs and add enhancements. \n\nThis release also includes a security update for Red Hat OpenShift\nContainer Platform 4.4. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Description:\n\nRed Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments. \n\nSecurity Fix(es):\n\n* openshift: builder allows read and write of block devices\n(CVE-2021-20182)\n\n* kubernetes: Compromised node could escalate to cluster level privileges\n(CVE-2020-8559)\n\n* kubernetes: Docker config secrets leaked when file is malformed and\nloglevel >= 4 (CVE-2020-8564)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nThis advisory contains the container images for Red Hat OpenShift Container\nPlatform 4.4.33. See the following advisory for the RPM packages for this\nrelease:\n\nhttps://access.redhat.com/errata/RHSA-2021:0282\n\nSpace precludes documenting all of the container images in this advisory. \nSee the following Release Notes documentation, which will be updated\nshortly for this release, for details about these changes:\n\nhttps://docs.openshift.com/container-platform/4.4/release_notes/ocp-4-4-rel\nease-notes.html\n\nThis update fixes the following bugs among others:\n\n* Previously, there were broken connections to the API server that caused\nnodes to remain in the NotReady state. Detecting a broken network\nconnection could take up to 15 minutes, during which the platform would\nremain unavailable. This is now fixed by setting the TCP_USER_TIMEOUT\nsocket option, which controls how long transmitted data can be\nunacknowledged before the connection is forcefully closed. (BZ#1907939)\n\n* Previously, the quota controllers only worked on resources retrieved from\nthe discovery endpoint, which might contain only a fraction of all\nresources due to a network error. This is now fixed by having the quota\ncontrollers periodically resync when new resources are observed from the\ndiscovery endpoint. (BZ#1910096)\n\n* Previously, the kuryr-controller was comparing security groups related to\nnetwork policies incorrectly. This caused security rules related to a\nnetwork policy to be recreated on every minor update of that network\npolicy. This bug has been fixed, allowing network policy updates that\nalready have existing rules to be preserved; network policy additions or\ndeletions are performed, if needed. (BZ#1910221)\n\nYou may download the oc tool and use it to inspect release image metadata\nas follows:\n\n(For x86_64 architecture)\n\n $ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.4.33-x86_64\n\nThe image digest is\nsha256:a035dddd8a5e5c99484138951ef4aba021799b77eb9046f683a5466c23717738\n\n(For s390x architecture)\n\n $ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.4.33-s390x\n\nThe image digest is\nsha256:ecc1e5aaf8496dd60a7703562fd6c65541172a56ae9008fce6db5d55e43371dc\n\n(For ppc64le architecture)\n\n $ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.4.33-ppc64le\n\nThe image digest is\nsha256:567bf8031c80b08e3e56a57e1c8e5b0b01a2f922e01b36ee333f6ab5bff95495\n\nAll OpenShift Container Platform 4.4 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift Console\nor the CLI oc command. Instructions for upgrading a cluster are available\nat\nhttps://docs.openshift.com/container-platform/4.4/updating/updating-cluster\n- -between-minor.html#understanding-upgrade-channels_updating-cluster-between\n- -minor. \n\n3. Solution:\n\nFor OpenShift Container Platform 4.4 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.4/release_notes/ocp-4-4-rel\nease-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.4/updating/updating-cluster\n- -cli.html. \n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n1848516 - [4.4] Unresponsive OpenShift 4.4 cluster on Azure (UPI)\n1851422 - CVE-2020-8559 kubernetes: compromised node could escalate to cluster level privileges\n1886637 - CVE-2020-8564 kubernetes: Docker config secrets leaked when file is malformed and loglevel >= 4\n1895332 - NP CRD unable to be patched because of missing sg rule ID\n1897546 - Backup taken on one master cannot be restored on other masters\n1900727 - Using shareProcessNamespace with default pod image leaves unreaped processes\n1904413 - (release 4.4) Hostsubnet gatherer produces wrong output\n1905891 - genericapiserver library must wait for server.Shutdown\n1906484 - Etcd container leaves grep and lsof zombie processes\n1907939 - Nodes goes into NotReady state (VMware)\n1910096 - [release-4.4] The quota controllers should resync on new resources and make progress\n1910221 - kuryr tempest plugin test test_ipblock_network_policy_sg_rules fails\n1915110 - CVE-2021-20182 openshift: builder allows read and write of block devices\n1916952 - OperatorExited, Pending marketplace-operator-... pod for several weeks\n1917416 - e2e: should be able to pull image from docker hub is failing permanently\n1918609 - ARO/Azure: excessive pod memory allocation causes node lockup\n1918974 - [sig-devex][Feature:ImageEcosystem][Slow] openshift images should be SCL enabled returning s2i usage when running the image\n\n5. References:\n\nhttps://access.redhat.com/security/cve/CVE-2020-2304\nhttps://access.redhat.com/security/cve/CVE-2020-2305\nhttps://access.redhat.com/security/cve/CVE-2020-8559\nhttps://access.redhat.com/security/cve/CVE-2020-8564\nhttps://access.redhat.com/security/cve/CVE-2020-14382\nhttps://access.redhat.com/security/cve/CVE-2020-25681\nhttps://access.redhat.com/security/cve/CVE-2020-25682\nhttps://access.redhat.com/security/cve/CVE-2020-25683\nhttps://access.redhat.com/security/cve/CVE-2020-25684\nhttps://access.redhat.com/security/cve/CVE-2020-25685\nhttps://access.redhat.com/security/cve/CVE-2020-25686\nhttps://access.redhat.com/security/cve/CVE-2020-25687\nhttps://access.redhat.com/security/cve/CVE-2020-25694\nhttps://access.redhat.com/security/cve/CVE-2020-25696\nhttps://access.redhat.com/security/cve/CVE-2021-20182\nhttps://access.redhat.com/security/updates/classification/#important\n\n6. Contact:\n\nThe Red Hat security contact is <secalert@redhat.com>. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2021 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYBp6w9zjgjWX9erEAQg0JhAAhv2R8jAKUz7A/RTezDOJQiDcQ1do+jV2\nPD59ab0pCrWCA70gAh7mdZnaniKQGeBL1qh/lOYV0GPOpsGZjTG9ylVOg2TOEnjD\n/WMOnHMehWoyZR6Ys0SNQFkdf0bkvLE33r5qEcd+l/cElaqxSH4b1gG2jU9FUOK8\nfAG9tmWvfbSXgGcpND5guS/jVuL8dQOyC1ktQnXdfkMvZLDOlwBotGbxTi/adzUS\n6YzikRCBzoZMZC13+ZtiznfIQeq8lKlZ3+0O2lXi5KTiSqby7HmIrawUwtiHUnzJ\n9VUs8zIcA/ynr3h5POhvpg0XgioUsjJ+2U0r8EP+rYtJ4lcrT68vhAzkCysMg/y4\nznQ+y5M4uoxXycB92kFrMA1og8jfJCuh5y50duo9OhOe2D75Em0XnhwGoEJrDe3z\njefvSwBb9WNG+jagrX69aaBrq36qhfutaI0SU7FNhoHL4Ev50zByBXSFJzQR3b59\nfh0YdzC1VTCE/LKBhELpuW7VOk4MDEs5AQAiIXv3QxKKmnyLJwnQUMwSdZiQef2X\nz5p8crPmGEwdZ10cDgmFH7mOb2F2utFy1FzuDh+h5lXhAmCfgggiHp5fADd43h47\nEAtIwmu3VurOIkvMaqQTwL5SjVAajd26KVAa09Pb6TdWAhN/jFFRvjKJMm7523Mo\nmafFnOJZH7k=\n=9sMW\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nBug Fix(es):\n\n* When performing an upgrade of the Red Hat Virtualization Host using the\ncommand `yum update`, the yum repository for RHV 4.3 EUS is unreachable\n\nAs a workaround, run the following command:\n`# yum update --releasever=7Server` (BZ#1899378)\n\n4. ==========================================================================\nUbuntu Security Notice USN-4698-1\nJanuary 19, 2021\n\ndnsmasq vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 20.10\n- Ubuntu 20.04 LTS\n- Ubuntu 18.04 LTS\n- Ubuntu 16.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in Dnsmasq. \n\nSoftware Description:\n- dnsmasq: Small caching DNS proxy and DHCP/TFTP server\n\nDetails:\n\nMoshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled\nmemory when sorting RRsets. A remote attacker could use this issue to cause\nDnsmasq to hang, resulting in a denial of service, or possibly execute\narbitrary code. (CVE-2020-25681, CVE-2020-25687)\n\nMoshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled\nextracting certain names. A remote attacker could use this issue to cause\nDnsmasq to hang, resulting in a denial of service, or possibly execute\narbitrary code. (CVE-2020-25682, CVE-2020-25683)\n\nMoshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly\nimplemented address/port checks. (CVE-2020-25684)\n\nMoshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly\nimplemented query resource name checks. (CVE-2020-25685)\n\nMoshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled\nmultiple query requests for the same resource name. (CVE-2020-25686)\n\nIt was discovered that Dnsmasq incorrectly handled memory during DHCP\nresponse creation. A remote attacker could possibly use this issue to\ncause Dnsmasq to consume resources, leading to a denial of service. This\nissue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04\nLTS. (CVE-2019-14834)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 20.10:\n dnsmasq 2.82-1ubuntu1.1\n dnsmasq-base 2.82-1ubuntu1.1\n dnsmasq-utils 2.82-1ubuntu1.1\n\nUbuntu 20.04 LTS:\n dnsmasq 2.80-1.1ubuntu1.2\n dnsmasq-base 2.80-1.1ubuntu1.2\n dnsmasq-utils 2.80-1.1ubuntu1.2\n\nUbuntu 18.04 LTS:\n dnsmasq 2.79-1ubuntu0.2\n dnsmasq-base 2.79-1ubuntu0.2\n dnsmasq-utils 2.79-1ubuntu0.2\n\nUbuntu 16.04 LTS:\n dnsmasq 2.75-1ubuntu0.16.04.7\n dnsmasq-base 2.75-1ubuntu0.16.04.7\n dnsmasq-utils 2.75-1ubuntu0.16.04.7\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes", sources: [ { db: "NVD", id: "CVE-2020-25686", }, { db: "JVNDB", id: "JVNDB-2020-015596", }, { db: "CNVD", id: "CNVD-2021-16429", }, { db: "VULMON", id: "CVE-2020-25686", }, { db: "PACKETSTORM", id: "169002", }, { db: "PACKETSTORM", id: "161281", }, { db: "PACKETSTORM", id: "161100", }, { db: "PACKETSTORM", id: "161269", }, { db: "PACKETSTORM", id: "161272", }, { db: "PACKETSTORM", id: "161010", }, { db: "PACKETSTORM", id: "161101", }, ], trust: 2.88, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-25686", trust: 3.8, }, { db: "JVN", id: "JVNVU90340376", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2020-015596", trust: 0.8, }, { db: "PACKETSTORM", id: "161281", trust: 0.7, }, { db: "CNVD", id: "CNVD-2021-16429", trust: 0.6, }, { db: "PACKETSTORM", id: "161535", trust: 0.6, }, { db: "PACKETSTORM", id: "161085", trust: 0.6, }, { db: "CS-HELP", id: "SB2021122911", trust: 0.6, }, { db: "CS-HELP", id: "SB2021070106", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.0420", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.0692", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.0231", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.0864", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.0283", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.1088", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.0699", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-21-019-01", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202101-1567", trust: 0.6, }, { db: "VULMON", id: "CVE-2020-25686", trust: 0.1, }, { db: "PACKETSTORM", id: "169002", trust: 0.1, }, { db: "PACKETSTORM", id: "161100", trust: 0.1, }, { db: "PACKETSTORM", id: "161269", trust: 0.1, }, { db: "PACKETSTORM", id: "161272", trust: 0.1, }, { db: "PACKETSTORM", id: "161010", trust: 0.1, }, { db: "PACKETSTORM", id: "161101", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-16429", }, { db: "VULMON", id: "CVE-2020-25686", }, { db: "JVNDB", id: "JVNDB-2020-015596", }, { db: "PACKETSTORM", id: "169002", }, { db: "PACKETSTORM", id: "161281", }, { db: "PACKETSTORM", id: "161100", }, { db: "PACKETSTORM", id: "161269", }, { db: "PACKETSTORM", id: "161272", }, { db: "PACKETSTORM", id: "161010", }, { db: "PACKETSTORM", id: "161101", }, { db: "CNNVD", id: "CNNVD-202101-1567", }, { db: "NVD", id: "CVE-2020-25686", }, ], }, id: "VAR-202101-0222", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2021-16429", }, ], trust: 0.85396827, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-16429", }, ], }, last_update_date: "2024-11-29T20:00:21.342000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "FEDORA-2021-84440e87ba thekelleysthekelleys", trust: 0.8, url: "https://www.debian.org/security/2021/dsa-4844", }, { title: "Patch for Dnsmasq security feature issue vulnerability (CNVD-2021-16429)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/251941", }, { title: "Dnsmasq Fixing measures for security feature vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=139935", }, { title: "Red Hat: Moderate: dnsmasq security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210156 - Security Advisory", }, { title: "Red Hat: Moderate: dnsmasq security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210240 - Security Advisory", }, { title: "Red Hat: Moderate: dnsmasq security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210245 - Security Advisory", }, { title: "Red Hat: Moderate: dnsmasq security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210153 - Security Advisory", }, { title: "Red Hat: Moderate: dnsmasq security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210154 - Security Advisory", }, { title: "Red Hat: Moderate: dnsmasq security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210155 - Security Advisory", }, { title: "Red Hat: Important: Red Hat Virtualization Host security bug fix and enhancement update [ovirt-4.4.4]", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210401 - Security Advisory", }, { title: "Red Hat: Important: RHV-H security, bug fix, enhancement update (redhat-virtualization-host) 4.3.13", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210395 - Security Advisory", }, { title: "Red Hat: Important: dnsmasq security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210151 - Security Advisory", }, { title: "Red Hat: Important: dnsmasq security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210150 - Security Advisory", }, { title: "Red Hat: Important: dnsmasq security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210152 - Security Advisory", }, { title: "Arch Linux Issues: ", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2020-25686 log", }, { title: "Amazon Linux 2: ALAS2-2021-1587", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2021-1587", }, { title: "Debian Security Advisories: DSA-4844-1 dnsmasq -- security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=6bdd82a7af8c0333eca753b3b7b02111", }, { title: "Red Hat: Important: OpenShift Container Platform 4.4.33 bug fix and security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210281 - Security Advisory", }, { title: "Cisco: Multiple Vulnerabilities in dnsmasq DNS Forwarder Affecting Cisco Products: January 2021", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-dnsmasq-dns-2021-c5mrdf3g", }, { title: "dnspooq", trust: 0.1, url: "https://github.com/knqyf263/dnspooq ", }, { title: "multironic\nRequirements:\nInstall libvirt and prepare nodes\nhave to check why we need this\nTODO download ironic images later\nPull images\nTag images\nPush images\nrun httpd\nCheck that two vbmcs are running for the two nodes\nPlay with vbmc and ipmitools\nRun management cluster\nFirewall\nLaunch ironic\nrun capm3\nFirewall\nRef", trust: 0.1, url: "https://github.com/mboukhalfa/multironic ", }, { title: "Criminal IP NSE Script", trust: 0.1, url: "https://github.com/criminalip/CIP-NSE-Script ", }, { title: "Intro: What's pique or repique\n\n\nOverview", trust: 0.1, url: "https://github.com/AZ-X/pique ", }, { title: "https://github.com/klcheung99/CSCM28CW2", trust: 0.1, url: "https://github.com/klcheung99/CSCM28CW2 ", }, { title: "Kaosagnt's Ansible Everyday Utils", trust: 0.1, url: "https://github.com/kaosagnt/ansible-everyday ", }, { title: "F5の脆弱性情報", trust: 0.1, url: "https://github.com/DNTYO/F5_Vulnerability ", }, { title: "Vulnerability", trust: 0.1, url: "https://github.com/tzwlhack/Vulnerability ", }, { title: "TOP\nTable of Contents\nDonation", trust: 0.1, url: "https://github.com/JERRY123S/all-poc ", }, { title: "SecBooks\nSecBooks目录", trust: 0.1, url: "https://github.com/SexyBeast233/SecBooks ", }, { title: "Table of Contents", trust: 0.1, url: "https://github.com/CVEDB/top ", }, { title: "Table of Contents", trust: 0.1, url: "https://github.com/CVEDB/awesome-cve-repo ", }, { title: "TOP\nTable of Contents\nDonation", trust: 0.1, url: "https://github.com/hktalent/TOP ", }, { title: "TOP\nTable of Contents\nDonation", trust: 0.1, url: "https://github.com/cyberanand1337x/bug-bounty-2022 ", }, { title: "TOP\nTable of Contents\nDonation", trust: 0.1, url: "https://github.com/weeka10/-hktalent-TOP ", }, { title: "PoC in GitHub", trust: 0.1, url: "https://github.com/developer3000S/PoC-in-GitHub ", }, { title: "The Register", trust: 0.1, url: "https://www.theregister.co.uk/2021/01/20/dns_cache_poisoning/", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-16429", }, { db: "VULMON", id: "CVE-2020-25686", }, { db: "JVNDB", id: "JVNDB-2020-015596", }, { db: "CNNVD", id: "CNNVD-202101-1567", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-290", trust: 1, }, { problemtype: "CWE-358", trust: 1, }, { problemtype: "Avoid authentication by spoofing (CWE-290) [NVD Evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-015596", }, { db: "NVD", id: "CVE-2020-25686", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.5, url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { trust: 2.3, url: "https://www.jsof-tech.com/disclosures/dnspooq/", }, { trust: 2.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-25686", }, { trust: 1.7, url: "https://security.gentoo.org/glsa/202101-17", }, { trust: 1.7, url: "https://www.debian.org/security/2021/dsa-4844", }, { trust: 1.7, url: "https://www.arista.com/en/support/advisories-notices/security-advisories/12135-security-advisory-61", }, { trust: 1.1, url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/wyw3ir6apuskoykl5ft3actihwhgqy32/", }, { trust: 1.1, url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/qgb7hl3owhtlepsmldgomxqkg3km2qme/", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu90340376/", }, { trust: 0.7, url: "https://nvd.nist.gov/vuln/detail/cve-2020-25684", }, { trust: 0.7, url: "https://nvd.nist.gov/vuln/detail/cve-2020-25685", }, { trust: 0.6, url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/qgb7hl3owhtlepsmldgomxqkg3km2qme/", }, { trust: 0.6, url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/wyw3ir6apuskoykl5ft3actihwhgqy32/", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/161281/red-hat-security-advisory-2021-0401-01.html", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/161535/ubuntu-security-notice-usn-4698-2.html", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/161085/gentoo-linux-security-advisory-202101-17.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.0699", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.0864", }, { trust: 0.6, url: "https://www.huawei.com/cn/psirt/security-notices/huawei-sn-20210120-01-dnspooq-cn", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.0283/", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-019-01", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.0692", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.1088", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.0420", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021070106", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.0231/", }, { trust: 0.6, url: "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-dnsmasq-dns-2021-c5mrdf3g", }, { trust: 0.6, url: "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-privileged-identity-manager-is-affected-by-security-vulnerabilities-cve-2020-25684-cve-2020-25685-cve-2020-25686/", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021122911", }, { trust: 0.5, url: "https://www.redhat.com/mailman/listinfo/rhsa-announce", }, { trust: 0.5, url: "https://access.redhat.com/security/cve/cve-2020-25685", }, { trust: 0.5, url: "https://bugzilla.redhat.com/):", }, { trust: 0.5, url: "https://access.redhat.com/security/cve/cve-2020-25686", }, { trust: 0.5, url: "https://access.redhat.com/security/cve/cve-2020-25684", }, { trust: 0.5, url: "https://access.redhat.com/security/team/contact/", }, { trust: 0.4, url: "https://access.redhat.com/security/vulnerabilities/rhsb-2021-001", }, { trust: 0.4, url: "https://access.redhat.com/security/team/key/", }, { trust: 0.3, url: "https://access.redhat.com/security/updates/classification/#important", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2020-25687", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2020-25683", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2020-25681", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2020-25682", }, { trust: 0.2, url: "https://access.redhat.com/articles/2974891", }, { trust: 0.2, url: "https://access.redhat.com/security/vulnerabilities/rhsb-2021-002", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2021-3156", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2021-3156", }, { trust: 0.2, url: "https://access.redhat.com/articles/11258", }, { trust: 0.2, url: "https://access.redhat.com/security/updates/classification/#moderate", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/358.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2021:0156", }, { trust: 0.1, url: "https://github.com/knqyf263/dnspooq", }, { trust: 0.1, url: "https://security.archlinux.org/cve-2020-25686", }, { trust: 0.1, url: "https://alas.aws.amazon.com/al2/alas-2021-1587.html", }, { trust: 0.1, url: "https://www.debian.org/security/faq", }, { trust: 0.1, url: "https://security-tracker.debian.org/tracker/dnsmasq", }, { trust: 0.1, url: "https://www.debian.org/security/", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2021:0401", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2021:0240", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-25696", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-20182", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-25696", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-25694", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2021:0281", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-25694", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-25682", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-25687", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-2304", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-20182", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-14382", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-2305", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-25681", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-8559", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-8559", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-14382", }, { trust: 0.1, url: "https://docs.openshift.com/container-platform/4.4/release_notes/ocp-4-4-rel", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-2305", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-2304", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-8564", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-25683", }, { trust: 0.1, url: "https://docs.openshift.com/container-platform/4.4/updating/updating-cluster", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-8564", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2021:0282", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2021:0395", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/dnsmasq/2.75-1ubuntu0.16.04.7", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-14834", }, { trust: 0.1, url: "https://usn.ubuntu.com/4698-1", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/dnsmasq/2.79-1ubuntu0.2", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/dnsmasq/2.82-1ubuntu1.1", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/dnsmasq/2.80-1.1ubuntu1.2", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2021:0245", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-16429", }, { db: "VULMON", id: "CVE-2020-25686", }, { db: "JVNDB", id: "JVNDB-2020-015596", }, { db: "PACKETSTORM", id: "169002", }, { db: "PACKETSTORM", id: "161281", }, { db: "PACKETSTORM", id: "161100", }, { db: "PACKETSTORM", id: "161269", }, { db: "PACKETSTORM", id: "161272", }, { db: "PACKETSTORM", id: "161010", }, { db: "PACKETSTORM", id: "161101", }, { db: "CNNVD", id: "CNNVD-202101-1567", }, { db: "NVD", id: "CVE-2020-25686", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2021-16429", }, { db: "VULMON", id: "CVE-2020-25686", }, { db: "JVNDB", id: "JVNDB-2020-015596", }, { db: "PACKETSTORM", id: "169002", }, { db: "PACKETSTORM", id: "161281", }, { db: "PACKETSTORM", id: "161100", }, { db: "PACKETSTORM", id: "161269", }, { db: "PACKETSTORM", id: "161272", }, { db: "PACKETSTORM", id: "161010", }, { db: "PACKETSTORM", id: "161101", }, { db: "CNNVD", id: "CNNVD-202101-1567", }, { db: "NVD", id: "CVE-2020-25686", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-03-11T00:00:00", db: "CNVD", id: "CNVD-2021-16429", }, { date: "2021-01-20T00:00:00", db: "VULMON", id: "CVE-2020-25686", }, { date: "2021-10-06T00:00:00", db: "JVNDB", id: "JVNDB-2020-015596", }, { date: "2021-02-28T20:12:00", db: "PACKETSTORM", id: "169002", }, { date: "2021-02-03T16:36:53", db: "PACKETSTORM", id: "161281", }, { date: "2021-01-25T17:28:49", db: "PACKETSTORM", id: "161100", }, { date: "2021-02-03T16:14:39", db: "PACKETSTORM", id: "161269", }, { date: "2021-02-03T16:22:29", db: "PACKETSTORM", id: "161272", }, { date: "2021-01-19T14:43:50", db: "PACKETSTORM", id: "161010", }, { date: "2021-01-25T17:28:57", db: "PACKETSTORM", id: "161101", }, { date: "2021-01-20T00:00:00", db: "CNNVD", id: "CNNVD-202101-1567", }, { date: "2021-01-20T17:15:13", db: "NVD", id: "CVE-2020-25686", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-03-11T00:00:00", db: "CNVD", id: "CNVD-2021-16429", }, { date: "2023-11-07T00:00:00", db: "VULMON", id: "CVE-2020-25686", }, { date: "2021-10-06T03:28:00", db: "JVNDB", id: "JVNDB-2020-015596", }, { date: "2022-01-26T00:00:00", db: "CNNVD", id: "CNNVD-202101-1567", }, { date: "2024-11-21T05:18:28.027000", db: "NVD", id: "CVE-2020-25686", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "PACKETSTORM", id: "161010", }, { db: "CNNVD", id: "CNNVD-202101-1567", }, ], trust: 0.7, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "dnsmasq Spoofing Authentication Vulnerability in", sources: [ { db: "JVNDB", id: "JVNDB-2020-015596", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "security feature problem", sources: [ { db: "CNNVD", id: "CNNVD-202101-1567", }, ], trust: 0.6, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.