CVE-2017-15107

Published: 23 January 2018

A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. Wildcard synthesized NSEC records could be improperly interpreted to prove the non-existence of hostnames that actually exist.

Priority

CVSS 3 base score: 7.5

Status

Package	Release	Status
dnsmasq Launchpad, Ubuntu, Debian	artful	Ignored (reached end-of-life)
	bionic	Not vulnerable (2.79-1)
	cosmic	Not vulnerable (2.79-1)
	disco	Not vulnerable (2.79-1)
	eoan	Not vulnerable (2.79-1)
	focal	Not vulnerable (2.79-1)
	groovy	Not vulnerable (2.79-1)
	precise	Not vulnerable (code not present)
	trusty	Not vulnerable (code not present)
	upstream	Released (2.79-1)
	xenial	Released (2.75-1ubuntu0.16.04.10)

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15107
http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2018q1/011896.html
https://ubuntu.com/security/notices/USN-4924-1
NVD
Launchpad
Debian

Bugs

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888200

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›