VDB

GCVE-110-MAGEIA-2021-231

GCVE-110-MAGEIA-2021-231
Advisory Published
Vulnetix · Advisory published June 8, 2021
A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ID to forge a reply and get it accepted by dnsmasq. This flaw makes a DNS Cache Poisoning attack much easier (CVE-2021-3448). This kind of configuration is the default when network-manager uses dnsmasq.

Affected Products

VendorProductVersionsPlatforms
Mageiaperl-URPM0 (affected), 5.222-1.mga8 (unaffected)
Mageiadnsmasq2.85-1.mga8 (unaffected), 0 (affected), 0 (affected), 2.85-1.mga8 (unaffected)
Mageiadnsmasq0 (affected), 2.85-1.mga7 (unaffected), 2.85-1.mga7 (unaffected), 0 (affected)

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›