CVE-2017-15107

Published: 23 January 2018

A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. Wildcard synthesized NSEC records could be improperly interpreted to prove the non-existence of hostnames that actually exist.

Priority

CVSS 3 base score: 7.5

Status

Package	Release	Status
dnsmasq Launchpad, Ubuntu, Debian	Upstream	Released (2.79-1)


	Ubuntu 20.04 LTS (Focal Fossa)	Not vulnerable (2.79-1)
	Ubuntu 18.04 LTS (Bionic Beaver)	Not vulnerable (2.79-1)
	Ubuntu 16.04 ESM (Xenial Xerus)	Released (2.75-1ubuntu0.16.04.10)
	Ubuntu 14.04 ESM (Trusty Tahr)	Not vulnerable (code not present)
	Patches: Upstream: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=4fe6744a220eddd3f1749b40cac3dfc510787de6 Upstream: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=cd7df612b14ec1bf831a966ccaf076be0dae7404

References

Bugs

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888200

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu 14.04 Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM