RHSA-2021:0150-01 -- Redhat dnsmasqID: oval:org.secpod.oval:def:69584 | Date: (C)2021-03-03 (M)2023-12-20 |
Class: PATCH | Family: unix |
The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Security Fix: * dnsmasq: heap-based buffer overflow in sort_rrset when DNSSEC is enabled * dnsmasq: buffer overflow in extract_name due to missing length check when DNSSEC is enabled * dnsmasq: heap-based buffer overflow with large memcpy in get_rdata when DNSSEC is enabled * dnsmasq: loose address/port check in reply_query makes forging replies easier for an off-path attacker * dnsmasq: loose query name check in reply_query makes forging replies easier for an off-path attacker * dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker * dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset when DNSSEC is enabled For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.