Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. This flaw allows a remote attacker who can create valid DNS replies to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name() which could be abused to make the code execute memcpy() with a negative size in sort_rrset() and cause a crash in dnsmasq resulting in a denial of service. The highest threat from this vulnerability is to system availability.

🗓️ 27 Jan 2021 08:00:00Reported by MicrosoftType 
mscve
 mscve🔗 msrc.microsoft.com👁 2 Views

dnsmasq before 2.83 has a heap overflow with DNSSEC enabled, enabling remote denial of service via crafted replies.

Related
Detection
ReporterTitlePublishedViews
Family
FreeBSD		dnsmasq -- DNS cache poisoning, and DNSSEC buffer overflow, vulnerabilities
16 Sep 202000:00
freebsd
ALT Linux		Security fix for the ALT Linux 10 package dnsmasq version 2.83-alt1
22 Jan 202100:00
altlinux
Tenable Nessus		Alibaba Cloud Linux 3 : 0009: dnsmasq (ALINUX3-SA-2021:0009)
14 May 202500:00
nessus
Tenable Nessus		CentOS 8 : dnsmasq (CESA-2021:0150)
29 Jan 202100:00
nessus
Tenable Nessus		Debian DLA-2604-1 : dnsmasq security update
23 Mar 202100:00
nessus
Tenable Nessus		Debian DSA-4844-1 : dnsmasq - security update
5 Feb 202100:00
nessus
Tenable Nessus		dnsmasq < 2.83 Multiple Vulnerabilities (DNSPOOQ)
19 Jan 202100:00
nessus
Tenable Nessus		EulerOS 2.0 SP8 : dnsmasq (EulerOS-SA-2021-1138)
1 Feb 202100:00
nessus
Tenable Nessus		EulerOS 2.0 SP9 : dnsmasq (EulerOS-SA-2021-1244)
5 Feb 202100:00
nessus
Tenable Nessus		EulerOS 2.0 SP9 : dnsmasq (EulerOS-SA-2021-1263)
5 Feb 202100:00
nessus
Rows per page
Vulners
Node
microsoftcm1_dnsmasq_2.85-1Range<2.85-1

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
27 Jan 2021 08:00Current
7High risk
Vulners AI Score7
CVSS 3.15.9
CVSS 27.1
EPSS0.22
dnsmasqheap overflowdnssec enabledextract_name flawrfc1035sort_rrset flawdenial of service
2