Lucene search
Alpine Linux Development TeamALPINE:CVE-2021-3448HistoryApr 08, 2021 - 11:15 p.m.
CVE-2021-3448
2021-04-0823:15:00
Alpine Linux Development Team
security.alpinelinux.org
10
0.002 Low
EPSS
Percentile
60.3%
A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ID to forge a reply and get it accepted by dnsmasq. This flaw makes a DNS Cache Poisoning attack much easier. The highest threat from this vulnerability is to data integrity.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | edge-main | noarch | dnsmasq | < 2.85-r0 | UNKNOWN |
| Alpine | 3.10-main | noarch | dnsmasq | < 2.85-r0 | UNKNOWN |
| Alpine | 3.11-main | noarch | dnsmasq | < 2.85-r0 | UNKNOWN |
| Alpine | 3.12-main | noarch | dnsmasq | < 2.85-r0 | UNKNOWN |
| Alpine | 3.13-main | noarch | dnsmasq | < 2.85-r0 | UNKNOWN |
| Alpine | 3.14-main | noarch | dnsmasq | < 2.85-r0 | UNKNOWN |
| Alpine | 3.15-main | noarch | dnsmasq | < 2.85-r0 | UNKNOWN |
| Alpine | 3.16-main | noarch | dnsmasq | < 2.85-r0 | UNKNOWN |
| Alpine | 3.17-main | noarch | dnsmasq | < 2.85-r0 | UNKNOWN |
| Alpine | 3.18-main | noarch | dnsmasq | < 2.85-r0 | UNKNOWN |
Related
nessus
nessus
EulerOS 2.0 SP9 : dnsmasq (EulerOS-SA-2021-2268)
2021-08-09 00:00:00
Photon OS 2.0: Dnsmasq PHSA-2021-2.0-0386
2021-09-07 00:00:00
EulerOS Virtualization 2.9.0 : dnsmasq (EulerOS-SA-2021-2199)
2021-07-13 00:00:00
debiancve
debiancve
CVE-2021-3448
2021-04-08 23:15:00
rocky
rocky
dnsmasq security and bug fix update
2021-11-09 08:24:48
redhatcve
redhatcve
CVE-2021-3448
2021-03-17 11:03:59
openvas
openvas
Huawei EulerOS: Security Advisory for dnsmasq (EulerOS-SA-2021-2242)
2021-08-09 00:00:00
Huawei EulerOS: Security Advisory for dnsmasq (EulerOS-SA-2021-2189)
2021-07-13 00:00:00
Fedora: Security Advisory for dnsmasq (FEDORA-2021-62a5062b2d)
2021-04-24 00:00:00
osv
osv
dnsmasq vulnerability
2022-09-07 15:22:39
CVE-2021-3448
2021-04-08 23:15:00
Moderate: dnsmasq security and bug fix update
2021-11-09 08:24:48
altlinux
altlinux
Security fix for the ALT Linux 10 package dnsmasq version 2.85-alt1
2021-04-09 00:00:00
Security fix for the ALT Linux 9 package dnsmasq version 2.85-alt1
2021-04-12 00:00:00
prion
prion
Design/Logic Flaw
2021-04-08 23:15:00
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2021-2.0-0386
2021-08-31 00:00:00
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2021-1.0-0431
2021-08-31 00:00:00
Moderate Photon OS Security Update - PHSA-2021-0093
2021-09-02 00:00:00
cbl_mariner
cbl_mariner
CVE-2021-3448 affecting package dnsmasq 2.84-1
2021-05-06 23:56:42
gentoo
gentoo
Dnsmasq: DNS cache poisoning
2021-05-26 00:00:00
freebsd
freebsd
dnsmasq -- cache poisoning vulnerability in certain configurations
2021-03-17 00:00:00
veracode
veracode
DNS Cache Poisoning
2021-04-09 04:10:35
fedora
fedora
[SECURITY] Fedora 32 Update: dnsmasq-2.85-1.fc32
2021-04-24 18:23:55
[SECURITY] Fedora 34 Update: dnsmasq-2.85-1.fc34
2021-04-24 20:22:41
[SECURITY] Fedora 33 Update: dnsmasq-2.85-1.fc33
2021-04-23 19:02:10
cve
cve
CVE-2021-3448
2021-04-08 23:15:00
ubuntucve
ubuntucve
CVE-2021-3448
2021-04-08 00:00:00
oraclelinux
oraclelinux
dnsmasq security and bug fix update
2021-11-16 00:00:00
almalinux
almalinux
Moderate: dnsmasq security and bug fix update
2021-11-09 08:24:48
slackware
slackware
[slackware-security] dnsmasq
2021-04-12 20:29:49
mageia
mageia
Updated dnsmasq packages fix a security vulnerability
2021-06-08 17:33:02
cvelist
cvelist
CVE-2021-3448
2021-04-08 22:06:45
ubuntu
ubuntu
Dnsmasq vulnerability
2022-09-07 00:00:00
redhat
redhat
(RHSA-2021:4153) Moderate: dnsmasq security and bug fix update
2021-11-09 08:24:48
rosalinux
rosalinux
Advisory ROSA-SA-2021-1823
2021-07-02 16:38:26
oracle
oracle
Oracle Critical Patch Update Advisory - January 2022
2022-01-18 00:00:00