ghsa-9xp3-mp9c-47rf
Vulnerability from github
A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the "Birthday Attacks" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.
{ affected: [], aliases: [ "CVE-2020-25686", ], database_specific: { cwe_ids: [ "CWE-358", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2021-01-20T17:15:00Z", severity: "MODERATE", }, details: "A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.", id: "GHSA-9xp3-mp9c-47rf", modified: "2022-05-24T17:39:33Z", published: "2022-05-24T17:39:33Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25686", }, { type: "WEB", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", }, { type: "WEB", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QGB7HL3OWHTLEPSMLDGOMXQKG3KM2QME", }, { type: "WEB", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WYW3IR6APUSKOYKL5FT3ACTIHWHGQY32", }, { type: "WEB", url: "https://security.gentoo.org/glsa/202101-17", }, { type: "WEB", url: "https://www.arista.com/en/support/advisories-notices/security-advisories/12135-security-advisory-61", }, { type: "WEB", url: "https://www.debian.org/security/2021/dsa-4844", }, { type: "WEB", url: "https://www.jsof-tech.com/disclosures/dnspooq", }, ], schema_version: "1.4.0", severity: [], }
Log in or create an account to share your comment.
This schema specifies the format of a comment related to a security advisory.
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.