logo
DATABASE RESOURCES PRICING ABOUT US

(RHSA-2021:0245) Moderate: dnsmasq security update

Description

The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server. Security Fix(es): * dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684) * dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685) * dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.


Affected Package


OS OS Version Package Name Package Version
RedHat 7 dnsmasq 2.66-21.el7_3.3
RedHat 7 dnsmasq-utils 2.66-21.el7_3.3
RedHat 7 dnsmasq 2.66-21.el7_3.3
RedHat 7 dnsmasq-debuginfo 2.66-21.el7_3.3

Related