CVE-2021-3448

2021-04-0800:00:00

ubuntu.com

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

0.002 Low

EPSS

Percentile

60.7%

JSON

A flaw was found in dnsmasq in versions before 2.85. When configured to use
a specific server for a given network interface, dnsmasq uses a fixed port
while forwarding queries. An attacker on the network, able to find the
outgoing port used by dnsmasq, only needs to guess the random transmission
ID to forge a reply and get it accepted by dnsmasq. This flaw makes a DNS
Cache Poisoning attack much easier. The highest threat from this
vulnerability is to data integrity.

Bugs

<https://bugzilla.redhat.com/show_bug.cgi?id=1939368>

Notes

Author	Note
mdeslaur	This issue only affects dnsmasq in non-default configurations where the server=<address>@<interface> option is used. In those environments, this issue can be prevented by disabling cache by also using a cache-size=0 configuration option. For the dnsmasq instance used by Network-Manager, it is not vulnerable to this issue as Ubuntu disables caching by default. (See Update-dnsmasq-parameters.patch in the network-manager package)

Author

Note

mdeslaur

This issue only affects dnsmasq in non-default configurations where the server=<address>@<interface> option is used. In those environments, this issue can be prevented by disabling cache by also using a cache-size=0 configuration option. For the dnsmasq instance used by Network-Manager, it is not vulnerable to this issue as Ubuntu disables caching by default. (See Update-dnsmasq-parameters.patch in the network-manager package)

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchdnsmasq< 2.79-1ubuntu0.4UNKNOWN
ubuntu20.04noarchdnsmasq< 2.80-1.1ubuntu1.4UNKNOWN
ubuntu20.10noarchdnsmasq< 2.82-1ubuntu1.3UNKNOWN
ubuntu21.04noarchdnsmasq< 2.84-1ubuntu2.1UNKNOWN
ubuntu21.10noarchdnsmasq< 2.85-1ubuntu1UNKNOWN
ubuntu22.04noarchdnsmasq< 2.85-1ubuntu1UNKNOWN
ubuntu22.10noarchdnsmasq< 2.85-1ubuntu1UNKNOWN
ubuntu23.04noarchdnsmasq< 2.85-1ubuntu1UNKNOWN
ubuntu23.10noarchdnsmasq< 2.85-1ubuntu1UNKNOWN
ubuntu24.04noarchdnsmasq< 2.85-1ubuntu1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	dnsmasq	< 2.79-1ubuntu0.4	UNKNOWN
ubuntu	20.04	noarch	dnsmasq	< 2.80-1.1ubuntu1.4	UNKNOWN
ubuntu	20.10	noarch	dnsmasq	< 2.82-1ubuntu1.3	UNKNOWN
ubuntu	21.04	noarch	dnsmasq	< 2.84-1ubuntu2.1	UNKNOWN
ubuntu	21.10	noarch	dnsmasq	< 2.85-1ubuntu1	UNKNOWN
ubuntu	22.04	noarch	dnsmasq	< 2.85-1ubuntu1	UNKNOWN
ubuntu	22.10	noarch	dnsmasq	< 2.85-1ubuntu1	UNKNOWN
ubuntu	23.04	noarch	dnsmasq	< 2.85-1ubuntu1	UNKNOWN
ubuntu	23.10	noarch	dnsmasq	< 2.85-1ubuntu1	UNKNOWN
ubuntu	24.04	noarch	dnsmasq	< 2.85-1ubuntu1	UNKNOWN