A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network who can forge DNS replies such as that they are accepted as valid could use this flaw to cause a buffer overflow with arbitrary data in a heap memory segment possibly executing code on the machine. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

🗓️ 29 Jan 2021 08:00:00Reported by MicrosoftType

mscve

mscve🔗 msrc.microsoft.com👁 1 Views

dnsmasq before 2.83 has a heap overflow enabling forged DNS replies to execute code via domain signing data.

Reporter	Title	Published	Views	Family All 152
FreeBSD	dnsmasq -- DNS cache poisoning, and DNSSEC buffer overflow, vulnerabilities	16 Sep 202000:00	–	freebsd
ALT Linux	Security fix for the ALT Linux 10 package dnsmasq version 2.83-alt1	22 Jan 202100:00	–	altlinux
Tenable Nessus	Alibaba Cloud Linux 3 : 0009: dnsmasq (ALINUX3-SA-2021:0009)	14 May 202500:00	–	nessus
Tenable Nessus	CentOS 8 : dnsmasq (CESA-2021:0150)	29 Jan 202100:00	–	nessus
Tenable Nessus	Debian DLA-2604-1 : dnsmasq security update	23 Mar 202100:00	–	nessus
Tenable Nessus	Debian DSA-4844-1 : dnsmasq - security update	5 Feb 202100:00	–	nessus
Tenable Nessus	dnsmasq < 2.83 Multiple Vulnerabilities (DNSPOOQ)	19 Jan 202100:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP8 : dnsmasq (EulerOS-SA-2021-1138)	1 Feb 202100:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP9 : dnsmasq (EulerOS-SA-2021-1244)	5 Feb 202100:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP9 : dnsmasq (EulerOS-SA-2021-1263)	5 Feb 202100:00	–	nessus

Vulners

Node

microsoft cm1_dnsmasq_2.85-1Range<2.85-1

29 Jan 2021 08:00Current

7High risk

Vulners AI Score7

CVSS 3.18.1

CVSS 28.3

EPSS0.45359

dnsmasq heap overflow forged replies domain signing