Lucene search
OracleLinuxELSA-2023-12972HistoryNov 06, 2023 - 12:00 a.m.
dnsmasq security update
2023-11-0600:00:00
linux.oracle.com
7
dnsmasq
security update
version 2.76-17.0.3.3
heap-based buffer overflow
extract_name()
cve-2020-25681
cve-2020-25682
orabug: 35904921
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.5 High
AI Score
Confidence
High
8.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:P/I:P/A:C
0.159 Low
EPSS
Percentile
95.9%
[2.76-17.0.3.3]
- Fixed heap-based buffer overflow in sort_rrset (CVE-2020-25681) [Orabug: 35904921]
- Fixed buffer overflow in extract_name() (CVE-2020-25682) [Orabug: 35904921]
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 7 | src | dnsmasq | < 2.76-17.0.3.el7_9.3 | dnsmasq-2.76-17.0.3.el7_9.3.src.rpm |
| oracle linux | 7 | src | dnsmasq | < 2.76-17.0.3.el7_9.3 | dnsmasq-2.76-17.0.3.el7_9.3.src.rpm |
| oracle linux | 7 | src | dnsmasq | < 2.76-17.0.3.el7_9.3 | dnsmasq-2.76-17.0.3.el7_9.3.src.rpm |
| oracle linux | 7 | aarch64 | dnsmasq | < 2.76-17.0.3.el7_9.3 | dnsmasq-2.76-17.0.3.el7_9.3.aarch64.rpm |
| oracle linux | 7 | aarch64 | dnsmasq | < 2.76-17.0.3.el7_9.3 | dnsmasq-2.76-17.0.3.el7_9.3.aarch64.rpm |
| oracle linux | 7 | aarch64 | dnsmasq-utils | < 2.76-17.0.3.el7_9.3 | dnsmasq-utils-2.76-17.0.3.el7_9.3.aarch64.rpm |
| oracle linux | 7 | src | dnsmasq | < 2.76-17.0.3.el7_9.3 | dnsmasq-2.76-17.0.3.el7_9.3.src.rpm |
| oracle linux | 7 | src | dnsmasq | < 2.76-17.0.3.el7_9.3 | dnsmasq-2.76-17.0.3.el7_9.3.src.rpm |
| oracle linux | 7 | src | dnsmasq | < 2.76-17.0.3.el7_9.3 | dnsmasq-2.76-17.0.3.el7_9.3.src.rpm |
| oracle linux | 7 | x86_64 | dnsmasq | < 2.76-17.0.3.el7_9.3 | dnsmasq-2.76-17.0.3.el7_9.3.x86_64.rpm |
Related
oraclelinux
oraclelinux
dnsmasq security update
2023-11-06 00:00:00
dnsmasq security update
2021-01-20 00:00:00
nessus
nessus
Oracle Linux 7 : dnsmasq (ELSA-2023-12972)
2023-11-06 00:00:00
Oracle Linux 7 : dnsmasq (ELSA-2023-12971)
2023-11-06 00:00:00
Debian DLA-2604-1 : dnsmasq security update
2021-03-23 00:00:00
f5
f5
K02931614 : Multiple dnsmasq vulnerabilities
2021-03-30 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-2604-1)
2021-03-23 00:00:00
Huawei EulerOS: Security Advisory for dnsmasq (EulerOS-SA-2021-1244)
2021-02-05 00:00:00
openSUSE: Security Advisory for dnsmasq (openSUSE-SU-2021:0124-1)
2021-04-16 00:00:00
redhatcve
redhatcve
CVE-2020-25682
2021-01-19 12:18:27
CVE-2020-25681
2021-01-19 12:18:18
cve
cve
CVE-2020-25681
2021-01-20 17:15:00
CVE-2020-25682
2021-01-20 17:15:00
debian
debian
[SECURITY] [DLA 2604-1] dnsmasq security update
2021-03-22 18:43:44
[SECURITY] [DSA 4844-1] dnsmasq security update
2021-02-04 07:37:12
[SECURITY] [DSA 4844-1] dnsmasq security update
2021-02-04 07:37:12
osv
osv
dnsmasq - security update
2021-03-22 00:00:00
CVE-2020-25682
2021-01-20 17:15:12
CVE-2020-25681
2021-01-20 17:15:12
veracode
veracode
Buffer Overflow
2021-01-20 16:41:21
Arbitrary Code Execution
2021-01-20 16:41:21
alpinelinux
alpinelinux
CVE-2020-25681
2021-01-20 17:15:00
CVE-2020-25682
2021-01-20 17:15:00
prion
prion
Heap overflow
2021-01-20 17:15:00
Buffer overflow
2021-01-20 17:15:00
checkpoint_advisories
checkpoint_advisories
DNSmasq Out-of-Bounds Write (CVE-2020-25682)
2022-09-20 00:00:00
ubuntucve
ubuntucve
CVE-2020-25681
2021-01-19 00:00:00
CVE-2020-25682
2021-01-19 00:00:00
debiancve
debiancve
CVE-2020-25681
2021-01-20 17:15:00
CVE-2020-25682
2021-01-20 17:15:00
cbl_mariner
cbl_mariner
CVE-2020-25681 affecting package dnsmasq 2.79-11
2021-05-06 23:56:42
CVE-2020-25682 affecting package dnsmasq 2.79-11
2021-05-06 23:56:42
fedora
fedora
[SECURITY] Fedora 33 Update: dnsmasq-2.83-1.fc33
2021-01-21 01:47:44
[SECURITY] Fedora 32 Update: dnsmasq-2.84-1.fc32
2021-02-20 01:34:26
altlinux
altlinux
Security fix for the ALT Linux 10 package dnsmasq version 2.83-alt1
2021-01-22 00:00:00
redhat
redhat
(RHSA-2021:0151) Important: dnsmasq security update
2021-01-19 12:36:50
(RHSA-2021:0150) Important: dnsmasq security update
2021-01-19 12:37:10
(RHSA-2021:0152) Important: dnsmasq security update
2021-01-19 12:36:51
gentoo
gentoo
Dnsmasq: Multiple vulnerabilities
2021-01-22 00:00:00
suse
suse
Security update for dnsmasq (important)
2021-01-20 00:00:00
Security update for dnsmasq (important)
2021-01-20 00:00:00
malwarebytes
malwarebytes
DNSpooq bugs haunt dnsmasq
2021-01-21 15:56:12
threatpost
threatpost
DNSpooq Flaws Allow DNS Hijacking of Millions of Devices
2021-01-19 21:25:10
slackware
slackware
[slackware-security] dnsmasq
2021-02-09 20:59:31
cisco
cisco
almalinux
almalinux
Important: dnsmasq security update
2021-01-19 12:37:10
photon
photon
ics
ics
dnsmasq by Simon Kelley (Update A)
2021-03-09 12:00:00
openwrt
openwrt
archlinux
archlinux
[ASA-202101-38] dnsmasq: multiple issues
2021-01-20 00:00:00
freebsd
freebsd
dnsmasq -- DNS cache poisoning, and DNSSEC buffer overflow, vulnerabilities
2020-09-16 00:00:00
mageia
mageia
Updated dnsmasq packages fix security vulnerability
2021-01-29 22:05:33
cert
cert
Dnsmasq is vulnerable to memory corruption and cache poisoning
2021-01-19 00:00:00
ubuntu
ubuntu
Dnsmasq regression
2021-02-24 00:00:00
Dnsmasq vulnerabilities
2021-01-19 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1823
2021-07-02 16:38:26
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.5 High
AI Score
Confidence
High
8.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:P/I:P/A:C
0.159 Low
EPSS
Percentile
95.9%
Related for ELSA-2023-12972