Search CVE reports
1 – 10 of 43 results
CVE-2023-49441
Low prioritySome fixes available 4 of 5
dnsmasq 2.9 is vulnerable to Integer Overflow via forward_query.
1 affected package
dnsmasq
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
dnsmasq | Not affected | Fixed | Fixed | Fixed | Fixed |
CVE-2023-50868
Medium prioritySome fixes available 20 of 42
The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random...
7 affected packages
bind9, bind9-libs, dnsmasq, isc-dhcp, knot-resolver...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
bind9 | Fixed | Fixed | Fixed | Fixed | Fixed |
bind9-libs | Not in release | Needs evaluation | Needs evaluation | Not in release | Not in release |
dnsmasq | Fixed | Fixed | Fixed | Fixed | Fixed |
isc-dhcp | Needs evaluation | Not affected | Not affected | Needs evaluation | Not affected |
knot-resolver | Vulnerable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
pdns-recursor | Vulnerable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
unbound | Fixed | Fixed | Fixed | Needs evaluation | Needs evaluation |
CVE-2023-50387
Medium prioritySome fixes available 20 of 42
Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of...
7 affected packages
bind9, bind9-libs, dnsmasq, isc-dhcp, knot-resolver...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
bind9 | Fixed | Fixed | Fixed | Fixed | Fixed |
bind9-libs | Not in release | Needs evaluation | Needs evaluation | Not in release | Not in release |
dnsmasq | Fixed | Fixed | Fixed | Fixed | Fixed |
isc-dhcp | Needs evaluation | Not affected | Not affected | Needs evaluation | Not affected |
knot-resolver | Vulnerable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
pdns-recursor | Vulnerable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
unbound | Fixed | Fixed | Fixed | Needs evaluation | Needs evaluation |
CVE-2023-28450
Low prioritySome fixes available 8 of 9
An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020.
1 affected package
dnsmasq
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
dnsmasq | Fixed | Fixed | Fixed | Fixed | Fixed |
CVE-2022-0934
Medium priorityA single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq, potentially causing a denial of service.
1 affected package
dnsmasq
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
dnsmasq | — | Fixed | Fixed | Fixed | Fixed |
CVE-2021-45957
Medium priority** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in answer_request (called from FuzzAnswerTheRequest and fuzz_rfc1035.c). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real...
1 affected package
dnsmasq
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
dnsmasq | — | Not affected | Not affected | Not affected | Not affected |
CVE-2021-45956
Medium priority** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in print_mac (called from log_packet and dhcp_reply). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities,...
1 affected package
dnsmasq
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
dnsmasq | — | Not affected | Not affected | Not affected | Not affected |
CVE-2021-45955
Medium priority** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in resize_packet (called from FuzzResizePacket and fuzz_rfc1035.c) because of the lack of a proper bounds check upon pseudo header re-insertion. NOTE: the vendor's...
1 affected package
dnsmasq
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
dnsmasq | — | Not affected | Not affected | Not affected | Not affected |
CVE-2021-45954
Medium priority** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from answer_auth and FuzzAuth). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities,...
1 affected package
dnsmasq
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
dnsmasq | — | Not affected | Not affected | Not affected | Not affected |
CVE-2021-45953
Medium priority** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from hash_questions and fuzz_util.c). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real...
1 affected package
dnsmasq
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
dnsmasq | — | Not affected | Not affected | Not affected | Not affected |