CVE-2021-3448

Published: 08 April 2021

A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ID to forge a reply and get it accepted by dnsmasq. This flaw makes a DNS Cache Poisoning attack much easier. The highest threat from this vulnerability is to data integrity.

Priority

Medium

CVSS 3 base score: 4.0

Status

Package Release Status
dnsmasq
Launchpad, Ubuntu, Debian
Upstream
Released (2.85)
Ubuntu 21.04 (Hirsute Hippo)
Released (2.84-1ubuntu2.1)
Ubuntu 20.04 LTS (Focal Fossa)
Released (2.80-1.1ubuntu1.4)
Ubuntu 18.04 LTS (Bionic Beaver)
Released (2.79-1ubuntu0.4)
Ubuntu 16.04 ESM (Xenial Xerus) Needed

Ubuntu 14.04 ESM (Trusty Tahr) Needs triage

Patches:
Upstream: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=74d4fcd756a85bc1823232ea74334f7ccfb9d5d2