Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2021:4153

Опубликовано: 09 нояб. 2021
Источник: rocky
Оценка: Moderate

Описание

Moderate: dnsmasq security and bug fix update

The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.

Security Fix(es):

  • dnsmasq: fixed outgoing port used when --server is used with an interface name (CVE-2021-3448)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
dnsmasqx86_6419.el8dnsmasq-2.79-19.el8.x86_64.rpm
dnsmasq-utilsx86_6419.el8dnsmasq-utils-2.79-19.el8.x86_64.rpm

Показывать по

Связанные CVE

CVE-2021-3448

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2021-3448

CVSS3: 4
ubuntu
больше 4 лет назад

A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ID to forge a reply and get it accepted by dnsmasq. This flaw makes a DNS Cache Poisoning attack much easier. The highest threat from this vulnerability is to data integrity.

redhat логотип

CVE-2021-3448

CVSS3: 4
redhat
почти 5 лет назад

A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ID to forge a reply and get it accepted by dnsmasq. This flaw makes a DNS Cache Poisoning attack much easier. The highest threat from this vulnerability is to data integrity.

nvd логотип

CVE-2021-3448

CVSS3: 4
nvd
больше 4 лет назад

A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ID to forge a reply and get it accepted by dnsmasq. This flaw makes a DNS Cache Poisoning attack much easier. The highest threat from this vulnerability is to data integrity.

msrc логотип

CVE-2021-3448

CVSS3: 4
msrc
больше 4 лет назад

Описание отсутствует

debian логотип

CVE-2021-3448

CVSS3: 4
debian
больше 4 лет назад

A flaw was found in dnsmasq in versions before 2.85. When configured t ...