CaROS/meta-openembedded
3
1
Fork 0
mirror of git://git.openembedded.org/meta-openembedded synced 2026-01-01 13:58:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

dnsmasq: Security fix CVE-2021-3448

Browse Source 
Source: https://thekelleys.org.uk/dnsmasq.git
MR: 110238
Type: Security Fix
Disposition: Backport from https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=74d4fcd756a85bc1823232ea74334f7ccfb9d5d2
ChangeID: 3365bcc47b0467b487f14fc6bfad89bc560cd818
Description:

A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ID to forge a reply and get it accepted by dnsmasq. This flaw makes a DNS Cache Poisoning attack much easier. The highest threat from this vulnerability is to data integrity.

Signed-off-by: Armin Kuster <akuster@mvista.com>
This commit is contained in:
Armin Kuster 2021-09-10 15:16:48 -07:00
parent 06d80777f4
commit 2e7e98cd0c
2 changed files with 1041 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1040
meta-networking/recipes-support/dnsmasq/dnsmasq/CVE-2021-3448.patch Normal file
View File

File diff suppressed because it is too large Load Diff

1
meta-networking/recipes-support/dnsmasq/dnsmasq_2.81.bb
View File

@ -10,4 +10,5 @@ SRC_URI += "\
file://CVE-2020-25685-2.patch \
file://CVE-2020-25686-1.patch \
file://CVE-2020-25686-2.patch \
file://CVE-2021-3448.patch \
"