var-202101-0221
Vulnerability from variot
A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity. Dnsmasq is vulnerable to a set of memory corruption issues handling DNSSEC data and a second set of issues validating DNS responses. These vulnerabilities could allow an attacker to corrupt memory on a vulnerable system and perform cache poisoning attacks against a vulnerable environment.CVE-2020-25681 Not Affected CVE-2020-25682 Not Affected CVE-2020-25683 Not Affected CVE-2020-25684 Affected CVE-2020-25685 Affected CVE-2020-25686 Affected CVE-2020-25687 Not AffectedCVE-2020-25681 Not Affected CVE-2020-25682 Not Affected CVE-2020-25683 Not Affected CVE-2020-25684 Affected CVE-2020-25685 Affected CVE-2020-25686 Affected CVE-2020-25687 Not Affected. Dnsmasq is a lightweight DNS forwarding and DHCP and TFTP server written in C language.
Dnsmasq has a security vulnerability, which stems from the use of a weak hash algorithm (CRC32) to verify DNS responses when compiling without dnnssec. No detailed vulnerability details are currently provided. Relevant releases/architectures:
RHEL 8-based RHEV-H for RHEV 4 (build requirements) - noarch, x86_64 Red Hat Virtualization 4 Hypervisor for RHEL 8 - noarch, x86_64 Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts - noarch
- These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.
Bug Fix(es):
- Previously, the Red Hat Virtualization Host (RHV-H) repository (rhvh-4-for-rhel-8-x86_64-rpms) did not include the libsmbclient package, which is a dependency for the sssd-ad package. Consequently, the sssd-ad package failed to install.
With this update, the libsmbclient is now in the RHV-H repository, and sssd-ad now installs on RHV-H. (BZ#1868967)
-
8) - aarch64, ppc64le, s390x, x86_64
-
7.7) - ppc64, ppc64le, s390x, x86_64
-
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: dnsmasq security update Advisory ID: RHSA-2021:0156-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:0156 Issue date: 2021-01-19 CVE Names: CVE-2020-25684 CVE-2020-25685 CVE-2020-25686 ==================================================================== 1. Summary:
An update for dnsmasq is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Server AUS (v. 7.4) - x86_64 Red Hat Enterprise Linux Server E4S (v. 7.4) - ppc64le, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 7.4) - x86_64 Red Hat Enterprise Linux Server Optional E4S (v. 7.4) - ppc64le, x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 7.4) - x86_64 Red Hat Enterprise Linux Server TUS (v. 7.4) - x86_64
Security Fix(es):
-
dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
-
dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
-
dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1889686 - CVE-2020-25684 dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker 1889688 - CVE-2020-25685 dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker 1890125 - CVE-2020-25686 dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker
- Package List:
Red Hat Enterprise Linux Server AUS (v. 7.4):
Source: dnsmasq-2.76-2.el7_4.3.src.rpm
x86_64: dnsmasq-2.76-2.el7_4.3.x86_64.rpm dnsmasq-debuginfo-2.76-2.el7_4.3.x86_64.rpm
Red Hat Enterprise Linux Server E4S (v. 7.4):
Source: dnsmasq-2.76-2.el7_4.3.src.rpm
ppc64le: dnsmasq-2.76-2.el7_4.3.ppc64le.rpm dnsmasq-debuginfo-2.76-2.el7_4.3.ppc64le.rpm
x86_64: dnsmasq-2.76-2.el7_4.3.x86_64.rpm dnsmasq-debuginfo-2.76-2.el7_4.3.x86_64.rpm
Red Hat Enterprise Linux Server TUS (v. 7.4):
Source: dnsmasq-2.76-2.el7_4.3.src.rpm
x86_64: dnsmasq-2.76-2.el7_4.3.x86_64.rpm dnsmasq-debuginfo-2.76-2.el7_4.3.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 7.4):
x86_64: dnsmasq-debuginfo-2.76-2.el7_4.3.x86_64.rpm dnsmasq-utils-2.76-2.el7_4.3.x86_64.rpm
Red Hat Enterprise Linux Server Optional E4S (v. 7.4):
ppc64le: dnsmasq-debuginfo-2.76-2.el7_4.3.ppc64le.rpm dnsmasq-utils-2.76-2.el7_4.3.ppc64le.rpm
x86_64: dnsmasq-debuginfo-2.76-2.el7_4.3.x86_64.rpm dnsmasq-utils-2.76-2.el7_4.3.x86_64.rpm
Red Hat Enterprise Linux Server Optional TUS (v. 7.4):
x86_64: dnsmasq-debuginfo-2.76-2.el7_4.3.x86_64.rpm dnsmasq-utils-2.76-2.el7_4.3.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2020-25684 https://access.redhat.com/security/cve/CVE-2020-25685 https://access.redhat.com/security/cve/CVE-2020-25686 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/security/vulnerabilities/RHSB-2021-001
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYAbg5dzjgjWX9erEAQjfmA//U9huQUHWE5px5MpvL3/7ZlTnU3Q23tSz lOkHHhl4hwFmETAaVUv/Zoc1N7OfxHzC6C4ot2+rPFj+oMcZQeXUrfhKZkG5kWMn Qy/yIN9myOJ9jjM+2NmF+nQPAiIVi2fU/LkDIEYGXihDZB67/bvu2ErbX2dEOGaH ikX4JNYAVw8vnCZgRy2bbXq47Nff8oeys9sTcDWIq61Svg2mHYYtIoF4Xmz5N5u5 Gb+75FFSxlBoNQFbDyydm19UpGTGZ1dP5Giquvuv8hN0lXGDZN39TANk8FruwnB+ ibyRgzf1R3IwDKbMdkICVOtxfR6cMUXOk5fB6bygyL8Ki6o03N1/HPnQTOQ3XPDO Ya0eswXvMpG8DdhIPi6xlVhorxDj4QKaVKC82rnbb27KJP+UPC8KXfp8lEZSD0zX 56f2O2t42rjzrulnijDdeHtW6oI1MytA/hVLLM0Sdt6PYS19jflucnwP2UuZn0aR RRWjdK6Tx0OYxpPQBYVKygzm+0ke7Ee5BoGn+sYU5SZSH6ro0AlfIRVQn6XmTGUj Gotg6jc4a6HXjhrA72lkxvW9pzFVXpfiQ/VFhBblP39dcCXXyRfTSzgbutDAz7eu 5R8SwUBVIJ0e/Pp32WAMapLfKc+Pj9VG/INfwYYxtpWooy2cHk+3HZIy8gXylhCA lyNYjR6LrCc=sh0K -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202101-17
https://security.gentoo.org/
Severity: Normal Title: Dnsmasq: Multiple vulnerabilities Date: January 22, 2021 Bugs: #766126 ID: 202101-17
Synopsis
Multiple vulnerabilities have been found in Dnsmasq, the worst of which may allow remote attackers to execute arbitrary code.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-dns/dnsmasq < 2.83 >= 2.83
Description
Multiple vulnerabilities have been discovered in Dnsmasq.
Impact
An attacker, by sending specially crafted DNS replies, could possibly execute arbitrary code with the privileges of the process, perform a cache poisoning attack or cause a Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All Dnsmasq users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/dnsmasq-2.83"
References
[ 1 ] CVE-2020-25681 https://nvd.nist.gov/vuln/detail/CVE-2020-25681 [ 2 ] CVE-2020-25682 https://nvd.nist.gov/vuln/detail/CVE-2020-25682 [ 3 ] CVE-2020-25683 https://nvd.nist.gov/vuln/detail/CVE-2020-25683 [ 4 ] CVE-2020-25684 https://nvd.nist.gov/vuln/detail/CVE-2020-25684 [ 5 ] CVE-2020-25685 https://nvd.nist.gov/vuln/detail/CVE-2020-25685 [ 6 ] CVE-2020-25686 https://nvd.nist.gov/vuln/detail/CVE-2020-25686 [ 7 ] CVE-2020-25687 https://nvd.nist.gov/vuln/detail/CVE-2020-25687
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202101-17
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2021 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202101-0221", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "eos", "scope": "gte", "trust": 1.0, "vendor": "arista", "version": "4.22" }, { "model": "dnsmasq", "scope": "lt", "trust": 1.0, "vendor": "thekelleys", "version": "2.83" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "debian", "version": "10.0" }, { "model": "eos", "scope": "gte", "trust": 1.0, "vendor": "arista", "version": "4.23" }, { "model": "eos", "scope": "lt", "trust": 1.0, "vendor": "arista", "version": "4.21.14m" }, { "model": "fedora", "scope": "eq", "trust": 1.0, "vendor": "fedoraproject", "version": "32" }, { "model": "eos", "scope": "lt", "trust": 1.0, "vendor": "arista", "version": "4.23.7m" }, { "model": "eos", "scope": "gte", "trust": 1.0, "vendor": "arista", "version": "4.25" }, { "model": "fedora", "scope": "eq", "trust": 1.0, "vendor": "fedoraproject", "version": "33" }, { "model": "eos", "scope": "lt", "trust": 1.0, "vendor": "arista", "version": "4.25.2f" }, { "model": "eos", "scope": "gte", "trust": 1.0, "vendor": "arista", "version": "4.21" }, { "model": "eos", "scope": "lt", "trust": 1.0, "vendor": "arista", "version": "4.24.5m" }, { "model": "eos", "scope": "lt", "trust": 1.0, "vendor": "arista", "version": "4.22.9m" }, { "model": "eos", "scope": "gte", "trust": 1.0, "vendor": "arista", "version": "4.24" }, { "model": "dnsmasq", "scope": "lt", "trust": 0.6, "vendor": "dnsmasq", "version": "2.83" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-16430" }, { "db": "NVD", "id": "CVE-2020-25685" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.83", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "4.21.14m", "versionStartIncluding": "4.21", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "4.22.9m", "versionStartIncluding": "4.22", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "4.23.7m", "versionStartIncluding": "4.23", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "4.24.5m", "versionStartIncluding": "4.24", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "4.25.2f", "versionStartIncluding": "4.25", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2020-25685" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "This document was written by Vijay Sarvepalli.Statement Date:\u00a0\u00a0 January 04, 2021", "sources": [ { "db": "CERT/CC", "id": "VU#434904" } ], "trust": 0.8 }, "cve": "CVE-2020-25685", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "impactScore": 2.9, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "CNVD-2021-16430", "impactScore": 2.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULMON", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "CVE-2020-25685", "impactScore": 2.9, "integrityImpact": "PARTIAL", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "MEDIUM", "trust": 0.1, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "HIGH", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "exploitabilityScore": 2.2, "impactScore": 1.4, "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" } ], "severity": [ { "author": "NVD", "id": "CVE-2020-25685", "trust": 1.0, "value": "LOW" }, { "author": "CNVD", "id": "CNVD-2021-16430", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-202101-1574", "trust": 0.6, "value": "LOW" }, { "author": "VULMON", "id": "CVE-2020-25685", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-16430" }, { "db": "VULMON", "id": "CVE-2020-25685" }, { "db": "CNNVD", "id": "CNNVD-202101-1574" }, { "db": "NVD", "id": "CVE-2020-25685" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity. Dnsmasq is vulnerable to a set of memory corruption issues handling DNSSEC data and a second set of issues validating DNS responses. These vulnerabilities could allow an attacker to corrupt memory on a vulnerable system and perform cache poisoning attacks against a vulnerable environment.CVE-2020-25681 Not Affected\nCVE-2020-25682 Not Affected\nCVE-2020-25683 Not Affected\nCVE-2020-25684 Affected\nCVE-2020-25685 Affected\nCVE-2020-25686 Affected\nCVE-2020-25687 Not AffectedCVE-2020-25681 Not Affected\nCVE-2020-25682 Not Affected\nCVE-2020-25683 Not Affected\nCVE-2020-25684 Affected\nCVE-2020-25685 Affected\nCVE-2020-25686 Affected\nCVE-2020-25687 Not Affected. Dnsmasq is a lightweight DNS forwarding and DHCP and TFTP server written in C language. \n\r\n\r\nDnsmasq has a security vulnerability, which stems from the use of a weak hash algorithm (CRC32) to verify DNS responses when compiling without dnnssec. No detailed vulnerability details are currently provided. Relevant releases/architectures:\n\nRHEL 8-based RHEV-H for RHEV 4 (build requirements) - noarch, x86_64\nRed Hat Virtualization 4 Hypervisor for RHEL 8 - noarch, x86_64\nRed Hat Virtualization 4 Management Agent for RHEL 7 Hosts - noarch\n\n3. These packages include redhat-release-virtualization-host,\novirt-node, and rhev-hypervisor. RHVH features a Cockpit user\ninterface for monitoring the host\u0027s resources and performing administrative\ntasks. \n\nBug Fix(es):\n\n* Previously, the Red Hat Virtualization Host (RHV-H) repository\n(rhvh-4-for-rhel-8-x86_64-rpms) did not include the libsmbclient package,\nwhich is a dependency for the sssd-ad package. Consequently, the sssd-ad\npackage failed to install. \n\nWith this update, the libsmbclient is now in the RHV-H repository, and\nsssd-ad now installs on RHV-H. (BZ#1868967)\n\n4. 8) - aarch64, ppc64le, s390x, x86_64\n\n3. 7.7) - ppc64, ppc64le, s390x, x86_64\n\n3. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Moderate: dnsmasq security update\nAdvisory ID: RHSA-2021:0156-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2021:0156\nIssue date: 2021-01-19\nCVE Names: CVE-2020-25684 CVE-2020-25685 CVE-2020-25686\n====================================================================\n1. Summary:\n\nAn update for dnsmasq is now available for Red Hat Enterprise Linux 7.4\nAdvanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update\nSupport, and Red Hat Enterprise Linux 7.4 Update Services for SAP\nSolutions. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Server AUS (v. 7.4) - x86_64\nRed Hat Enterprise Linux Server E4S (v. 7.4) - ppc64le, x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 7.4) - x86_64\nRed Hat Enterprise Linux Server Optional E4S (v. 7.4) - ppc64le, x86_64\nRed Hat Enterprise Linux Server Optional TUS (v. 7.4) - x86_64\nRed Hat Enterprise Linux Server TUS (v. 7.4) - x86_64\n\n3. \n\nSecurity Fix(es):\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies\neasier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies\neasier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging\nreplies easier for an off-path attacker (CVE-2020-25686)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1889686 - CVE-2020-25684 dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker\n1889688 - CVE-2020-25685 dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker\n1890125 - CVE-2020-25686 dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker\n\n6. Package List:\n\nRed Hat Enterprise Linux Server AUS (v. 7.4):\n\nSource:\ndnsmasq-2.76-2.el7_4.3.src.rpm\n\nx86_64:\ndnsmasq-2.76-2.el7_4.3.x86_64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server E4S (v. 7.4):\n\nSource:\ndnsmasq-2.76-2.el7_4.3.src.rpm\n\nppc64le:\ndnsmasq-2.76-2.el7_4.3.ppc64le.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.3.ppc64le.rpm\n\nx86_64:\ndnsmasq-2.76-2.el7_4.3.x86_64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server TUS (v. 7.4):\n\nSource:\ndnsmasq-2.76-2.el7_4.3.src.rpm\n\nx86_64:\ndnsmasq-2.76-2.el7_4.3.x86_64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 7.4):\n\nx86_64:\ndnsmasq-debuginfo-2.76-2.el7_4.3.x86_64.rpm\ndnsmasq-utils-2.76-2.el7_4.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional E4S (v. 7.4):\n\nppc64le:\ndnsmasq-debuginfo-2.76-2.el7_4.3.ppc64le.rpm\ndnsmasq-utils-2.76-2.el7_4.3.ppc64le.rpm\n\nx86_64:\ndnsmasq-debuginfo-2.76-2.el7_4.3.x86_64.rpm\ndnsmasq-utils-2.76-2.el7_4.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional TUS (v. 7.4):\n\nx86_64:\ndnsmasq-debuginfo-2.76-2.el7_4.3.x86_64.rpm\ndnsmasq-utils-2.76-2.el7_4.3.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2020-25684\nhttps://access.redhat.com/security/cve/CVE-2020-25685\nhttps://access.redhat.com/security/cve/CVE-2020-25686\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2021-001\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2021 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYAbg5dzjgjWX9erEAQjfmA//U9huQUHWE5px5MpvL3/7ZlTnU3Q23tSz\nlOkHHhl4hwFmETAaVUv/Zoc1N7OfxHzC6C4ot2+rPFj+oMcZQeXUrfhKZkG5kWMn\nQy/yIN9myOJ9jjM+2NmF+nQPAiIVi2fU/LkDIEYGXihDZB67/bvu2ErbX2dEOGaH\nikX4JNYAVw8vnCZgRy2bbXq47Nff8oeys9sTcDWIq61Svg2mHYYtIoF4Xmz5N5u5\nGb+75FFSxlBoNQFbDyydm19UpGTGZ1dP5Giquvuv8hN0lXGDZN39TANk8FruwnB+\nibyRgzf1R3IwDKbMdkICVOtxfR6cMUXOk5fB6bygyL8Ki6o03N1/HPnQTOQ3XPDO\nYa0eswXvMpG8DdhIPi6xlVhorxDj4QKaVKC82rnbb27KJP+UPC8KXfp8lEZSD0zX\n56f2O2t42rjzrulnijDdeHtW6oI1MytA/hVLLM0Sdt6PYS19jflucnwP2UuZn0aR\nRRWjdK6Tx0OYxpPQBYVKygzm+0ke7Ee5BoGn+sYU5SZSH6ro0AlfIRVQn6XmTGUj\nGotg6jc4a6HXjhrA72lkxvW9pzFVXpfiQ/VFhBblP39dcCXXyRfTSzgbutDAz7eu\n5R8SwUBVIJ0e/Pp32WAMapLfKc+Pj9VG/INfwYYxtpWooy2cHk+3HZIy8gXylhCA\nlyNYjR6LrCc=sh0K\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202101-17\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Dnsmasq: Multiple vulnerabilities\n Date: January 22, 2021\n Bugs: #766126\n ID: 202101-17\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Dnsmasq, the worst of which\nmay allow remote attackers to execute arbitrary code. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-dns/dnsmasq \u003c 2.83 \u003e= 2.83\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Dnsmasq. \n\nImpact\n======\n\nAn attacker, by sending specially crafted DNS replies, could possibly\nexecute arbitrary code with the privileges of the process, perform a\ncache poisoning attack or cause a Denial of Service condition. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Dnsmasq users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-dns/dnsmasq-2.83\"\n\nReferences\n==========\n\n[ 1 ] CVE-2020-25681\n https://nvd.nist.gov/vuln/detail/CVE-2020-25681\n[ 2 ] CVE-2020-25682\n https://nvd.nist.gov/vuln/detail/CVE-2020-25682\n[ 3 ] CVE-2020-25683\n https://nvd.nist.gov/vuln/detail/CVE-2020-25683\n[ 4 ] CVE-2020-25684\n https://nvd.nist.gov/vuln/detail/CVE-2020-25684\n[ 5 ] CVE-2020-25685\n https://nvd.nist.gov/vuln/detail/CVE-2020-25685\n[ 6 ] CVE-2020-25686\n https://nvd.nist.gov/vuln/detail/CVE-2020-25686\n[ 7 ] CVE-2020-25687\n https://nvd.nist.gov/vuln/detail/CVE-2020-25687\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202101-17\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2021 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n\n", "sources": [ { "db": "NVD", "id": "CVE-2020-25685" }, { "db": "CERT/CC", "id": "VU#434904" }, { "db": "CNVD", "id": "CNVD-2021-16430" }, { "db": "VULMON", "id": "CVE-2020-25685" }, { "db": "PACKETSTORM", "id": "161281" }, { "db": "PACKETSTORM", "id": "161012" }, { "db": "PACKETSTORM", "id": "161019" }, { "db": "PACKETSTORM", "id": "161013" }, { "db": "PACKETSTORM", "id": "161015" }, { "db": "PACKETSTORM", "id": "161085" }, { "db": "PACKETSTORM", "id": "161101" } ], "trust": 2.88 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2020-25685", "trust": 3.8 }, { "db": "CERT/CC", "id": "VU#434904", "trust": 0.8 }, { "db": "PACKETSTORM", "id": "161281", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "161085", "trust": 0.7 }, { "db": "CNVD", "id": "CNVD-2021-16430", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021122911", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021070106", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.0231", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.0864", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.0283", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.0692", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.1088", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.0699", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.0420", "trust": 0.6 }, { "db": "ICS CERT", "id": "ICSA-21-019-01", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "161535", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202101-1574", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2020-25685", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "161012", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "161019", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "161013", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "161015", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "161101", "trust": 0.1 } ], "sources": [ { "db": "CERT/CC", "id": "VU#434904" }, { "db": "CNVD", "id": "CNVD-2021-16430" }, { "db": "VULMON", "id": "CVE-2020-25685" }, { "db": "PACKETSTORM", "id": "161281" }, { "db": "PACKETSTORM", "id": "161012" }, { "db": "PACKETSTORM", "id": "161019" }, { "db": "PACKETSTORM", "id": "161013" }, { "db": "PACKETSTORM", "id": "161015" }, { "db": "PACKETSTORM", "id": "161085" }, { "db": "PACKETSTORM", "id": "161101" }, { "db": "CNNVD", "id": "CNNVD-202101-1574" }, { "db": "NVD", "id": "CVE-2020-25685" } ] }, "id": "VAR-202101-0221", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2021-16430" } ], "trust": 0.84812031 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "Network device" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-16430" } ] }, "last_update_date": "2024-07-23T19:47:29.143000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Patch for Dnsmasq security feature issue vulnerability (CNVD-2021-16430)", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/251936" }, { "title": "Dnsmasq Fixing measures for security feature vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=139940" }, { "title": "Red Hat: Moderate: dnsmasq security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20210156 - security advisory" }, { "title": "Red Hat: Moderate: dnsmasq security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20210240 - security advisory" }, { "title": "Red Hat: Moderate: dnsmasq security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20210245 - security advisory" }, { "title": "Red Hat: Moderate: dnsmasq security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20210153 - security advisory" }, { "title": "Red Hat: Moderate: dnsmasq security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20210154 - security advisory" }, { "title": "Red Hat: Moderate: dnsmasq security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20210155 - security advisory" }, { "title": "Red Hat: Important: Red Hat Virtualization Host security bug fix and enhancement update [ovirt-4.4.4]", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20210401 - security advisory" }, { "title": "Red Hat: Important: RHV-H security, bug fix, enhancement update (redhat-virtualization-host) 4.3.13", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20210395 - security advisory" }, { "title": "Red Hat: Important: dnsmasq security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20210151 - security advisory" }, { "title": "Red Hat: Important: dnsmasq security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20210150 - security advisory" }, { "title": "Red Hat: Important: dnsmasq security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20210152 - security advisory" }, { "title": "Arch Linux Issues: ", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2020-25685 log" }, { "title": "Amazon Linux 2: ALAS2-2021-1587", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=alas2-2021-1587" }, { "title": "Debian Security Advisories: DSA-4844-1 dnsmasq -- security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=6bdd82a7af8c0333eca753b3b7b02111" }, { "title": "Red Hat: Important: OpenShift Container Platform 4.4.33 bug fix and security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20210281 - security advisory" }, { "title": "Cisco: Multiple Vulnerabilities in dnsmasq DNS Forwarder Affecting Cisco Products: January 2021", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-dnsmasq-dns-2021-c5mrdf3g" }, { "title": "dnspooq", "trust": 0.1, "url": "https://github.com/knqyf263/dnspooq " }, { "title": "multironic\nRequirements:\nInstall libvirt and prepare nodes\nhave to check why we need this\nTODO download ironic images later\nPull images\nTag images\nPush images\nrun httpd\nCheck that two vbmcs are running for the two nodes\nPlay with vbmc and ipmitools\nRun management cluster\nFirewall\nLaunch ironic\nrun capm3\nFirewall\nRef", "trust": 0.1, "url": "https://github.com/mboukhalfa/multironic " }, { "title": "Criminal IP NSE Script", "trust": 0.1, "url": "https://github.com/criminalip/cip-nse-script " }, { "title": "Intro: What\u0027s pique or repique\n\n\nOverview", "trust": 0.1, "url": "https://github.com/az-x/pique " }, { "title": "https://github.com/klcheung99/CSCM28CW2", "trust": 0.1, "url": "https://github.com/klcheung99/cscm28cw2 " }, { "title": "Kaosagnt\u0027s Ansible Everyday Utils", "trust": 0.1, "url": "https://github.com/kaosagnt/ansible-everyday " }, { "title": "F5\u306e\u8106\u5f31\u6027\u60c5\u5831", "trust": 0.1, "url": "https://github.com/dntyo/f5_vulnerability " }, { "title": "Vulnerability", "trust": 0.1, "url": "https://github.com/tzwlhack/vulnerability " }, { "title": "TOP\nTable of Contents\nDonation", "trust": 0.1, "url": "https://github.com/jerry123s/all-poc " }, { "title": "SecBooks\nSecBooks\u76ee\u5f55", "trust": 0.1, "url": "https://github.com/sexybeast233/secbooks " }, { "title": "Table of Contents", "trust": 0.1, "url": "https://github.com/cvedb/top " }, { "title": "Table of Contents", "trust": 0.1, "url": "https://github.com/cvedb/awesome-cve-repo " }, { "title": "TOP\nTable of Contents\nDonation", "trust": 0.1, "url": "https://github.com/hktalent/top " }, { "title": "TOP\nTable of Contents\nDonation", "trust": 0.1, "url": "https://github.com/cyberanand1337x/bug-bounty-2022 " }, { "title": "TOP\nTable of Contents\nDonation", "trust": 0.1, "url": "https://github.com/weeka10/-hktalent-top " }, { "title": "The Register", "trust": 0.1, "url": "https://www.theregister.co.uk/2021/01/20/dns_cache_poisoning/" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-16430" }, { "db": "VULMON", "id": "CVE-2020-25685" }, { "db": "CNNVD", "id": "CNNVD-202101-1574" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-326", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2020-25685" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "https://www.jsof-tech.com/disclosures/dnspooq/" }, { "trust": 1.8, "url": "https://security.gentoo.org/glsa/202101-17" }, { "trust": 1.7, "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1889688" }, { "trust": 1.7, "url": "https://www.debian.org/security/2021/dsa-4844" }, { "trust": 1.7, "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12135-security-advisory-61" }, { "trust": 1.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-25685" }, { "trust": 1.1, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/wyw3ir6apuskoykl5ft3actihwhgqy32/" }, { "trust": 1.1, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/qgb7hl3owhtlepsmldgomxqkg3km2qme/" }, { "trust": 0.8, "url": "cve-2020-25681 " }, { "trust": 0.8, "url": "cve-2020-25682 " }, { "trust": 0.8, "url": "cve-2020-25683 " }, { "trust": 0.8, "url": "cve-2020-25684 " }, { "trust": 0.8, "url": "cve-2020-25685 " }, { "trust": 0.8, "url": "cve-2020-25686 " }, { "trust": 0.8, "url": "cve-2020-25687 " }, { "trust": 0.7, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-25686" }, { "trust": 0.7, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-25684" }, { "trust": 0.6, "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.6, "url": "https://access.redhat.com/security/cve/cve-2020-25685" }, { "trust": 0.6, "url": "https://access.redhat.com/security/vulnerabilities/rhsb-2021-001" }, { "trust": 0.6, "url": "https://bugzilla.redhat.com/):" }, { "trust": 0.6, "url": "https://access.redhat.com/security/team/key/" }, { "trust": 0.6, "url": "https://access.redhat.com/security/cve/cve-2020-25686" }, { "trust": 0.6, "url": "https://access.redhat.com/security/cve/cve-2020-25684" }, { "trust": 0.6, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.6, "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/qgb7hl3owhtlepsmldgomxqkg3km2qme/" }, { "trust": 0.6, "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/wyw3ir6apuskoykl5ft3actihwhgqy32/" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/161281/red-hat-security-advisory-2021-0401-01.html" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/161535/ubuntu-security-notice-usn-4698-2.html" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/161085/gentoo-linux-security-advisory-202101-17.html" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.0699" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.0864" }, { "trust": 0.6, "url": "https://www.huawei.com/cn/psirt/security-notices/huawei-sn-20210120-01-dnspooq-cn" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.0283/" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-019-01" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.0692" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.1088" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.0420" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021070106" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.0231/" }, { "trust": 0.6, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-dnsmasq-dns-2021-c5mrdf3g" }, { "trust": 0.6, "url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-privileged-identity-manager-is-affected-by-security-vulnerabilities-cve-2020-25684-cve-2020-25685-cve-2020-25686/" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021122911" }, { "trust": 0.5, "url": "https://access.redhat.com/articles/11258" }, { "trust": 0.3, "url": "https://access.redhat.com/security/updates/classification/#important" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-25682" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-25687" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-25683" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-25681" }, { "trust": 0.3, "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "trust": 0.2, "url": "https://access.redhat.com/errata/rhsa-2021:0156" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2020-25682" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2020-25687" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2020-25681" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2020-25683" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/326.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://github.com/knqyf263/dnspooq" }, { "trust": 0.1, "url": "https://security.archlinux.org/cve-2020-25685" }, { "trust": 0.1, "url": "https://access.redhat.com/articles/2974891" }, { "trust": 0.1, "url": "https://access.redhat.com/security/vulnerabilities/rhsb-2021-002" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-3156" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2021:0401" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3156" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2021:0150" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2021:0154" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2021:0152" }, { "trust": 0.1, "url": "https://creativecommons.org/licenses/by-sa/2.5" }, { "trust": 0.1, "url": "https://security.gentoo.org/" }, { "trust": 0.1, "url": "https://bugs.gentoo.org." }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2021:0245" } ], "sources": [ { "db": "CERT/CC", "id": "VU#434904" }, { "db": "CNVD", "id": "CNVD-2021-16430" }, { "db": "VULMON", "id": "CVE-2020-25685" }, { "db": "PACKETSTORM", "id": "161281" }, { "db": "PACKETSTORM", "id": "161012" }, { "db": "PACKETSTORM", "id": "161019" }, { "db": "PACKETSTORM", "id": "161013" }, { "db": "PACKETSTORM", "id": "161015" }, { "db": "PACKETSTORM", "id": "161085" }, { "db": "PACKETSTORM", "id": "161101" }, { "db": "CNNVD", "id": "CNNVD-202101-1574" }, { "db": "NVD", "id": "CVE-2020-25685" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CERT/CC", "id": "VU#434904" }, { "db": "CNVD", "id": "CNVD-2021-16430" }, { "db": "VULMON", "id": "CVE-2020-25685" }, { "db": "PACKETSTORM", "id": "161281" }, { "db": "PACKETSTORM", "id": "161012" }, { "db": "PACKETSTORM", "id": "161019" }, { "db": "PACKETSTORM", "id": "161013" }, { "db": "PACKETSTORM", "id": "161015" }, { "db": "PACKETSTORM", "id": "161085" }, { "db": "PACKETSTORM", "id": "161101" }, { "db": "CNNVD", "id": "CNNVD-202101-1574" }, { "db": "NVD", "id": "CVE-2020-25685" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-01-19T00:00:00", "db": "CERT/CC", "id": "VU#434904" }, { "date": "2021-03-11T00:00:00", "db": "CNVD", "id": "CNVD-2021-16430" }, { "date": "2021-01-20T00:00:00", "db": "VULMON", "id": "CVE-2020-25685" }, { "date": "2021-02-03T16:36:53", "db": "PACKETSTORM", "id": "161281" }, { "date": "2021-01-19T14:45:12", "db": "PACKETSTORM", "id": "161012" }, { "date": "2021-01-19T14:46:12", "db": "PACKETSTORM", "id": "161019" }, { "date": "2021-01-19T14:45:21", "db": "PACKETSTORM", "id": "161013" }, { "date": "2021-01-19T14:45:36", "db": "PACKETSTORM", "id": "161015" }, { "date": "2021-01-25T14:38:26", "db": "PACKETSTORM", "id": "161085" }, { "date": "2021-01-25T17:28:57", "db": "PACKETSTORM", "id": "161101" }, { "date": "2021-01-20T00:00:00", "db": "CNNVD", "id": "CNNVD-202101-1574" }, { "date": "2021-01-20T16:15:14.303000", "db": "NVD", "id": "CVE-2020-25685" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-10-06T00:00:00", "db": "CERT/CC", "id": "VU#434904" }, { "date": "2021-07-15T00:00:00", "db": "CNVD", "id": "CNVD-2021-16430" }, { "date": "2023-11-07T00:00:00", "db": "VULMON", "id": "CVE-2020-25685" }, { "date": "2022-10-08T00:00:00", "db": "CNNVD", "id": "CNNVD-202101-1574" }, { "date": "2023-11-07T03:20:22.197000", "db": "NVD", "id": "CVE-2020-25685" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "161085" }, { "db": "CNNVD", "id": "CNNVD-202101-1574" } ], "trust": 0.7 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Dnsmasq is vulnerable to memory corruption and cache poisoning", "sources": [ { "db": "CERT/CC", "id": "VU#434904" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "encryption problem", "sources": [ { "db": "CNNVD", "id": "CNNVD-202101-1574" } ], "trust": 0.6 } }
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.