Search CVE reports


Toggle filters

1 – 10 of 43 results


CVE-2023-49441

Low priority

Some fixes available 4 of 5

dnsmasq 2.9 is vulnerable to Integer Overflow via forward_query.

1 affected package

dnsmasq

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
dnsmasq Not affected Fixed Fixed Fixed Fixed
Show less packages

CVE-2023-50868

Medium priority

Some fixes available 20 of 42

The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random...

7 affected packages

bind9, bind9-libs, dnsmasq, isc-dhcp, knot-resolver...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
bind9 Fixed Fixed Fixed Fixed Fixed
bind9-libs Not in release Needs evaluation Needs evaluation Not in release Not in release
dnsmasq Fixed Fixed Fixed Fixed Fixed
isc-dhcp Needs evaluation Not affected Not affected Needs evaluation Not affected
knot-resolver Vulnerable Needs evaluation Needs evaluation Needs evaluation Needs evaluation
pdns-recursor Vulnerable Needs evaluation Needs evaluation Needs evaluation Needs evaluation
unbound Fixed Fixed Fixed Needs evaluation Needs evaluation
Show all 7 packages Show less packages

CVE-2023-50387

Medium priority

Some fixes available 20 of 42

Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of...

7 affected packages

bind9, bind9-libs, dnsmasq, isc-dhcp, knot-resolver...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
bind9 Fixed Fixed Fixed Fixed Fixed
bind9-libs Not in release Needs evaluation Needs evaluation Not in release Not in release
dnsmasq Fixed Fixed Fixed Fixed Fixed
isc-dhcp Needs evaluation Not affected Not affected Needs evaluation Not affected
knot-resolver Vulnerable Needs evaluation Needs evaluation Needs evaluation Needs evaluation
pdns-recursor Vulnerable Needs evaluation Needs evaluation Needs evaluation Needs evaluation
unbound Fixed Fixed Fixed Needs evaluation Needs evaluation
Show all 7 packages Show less packages

CVE-2023-28450

Low priority

Some fixes available 8 of 9

An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020.

1 affected package

dnsmasq

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
dnsmasq Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2022-0934

Medium priority
Fixed

A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq, potentially causing a denial of service.

1 affected package

dnsmasq

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
dnsmasq Fixed Fixed Fixed Fixed
Show less packages

CVE-2021-45957

Medium priority
Ignored

** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in answer_request (called from FuzzAnswerTheRequest and fuzz_rfc1035.c). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real...

1 affected package

dnsmasq

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
dnsmasq Not affected Not affected Not affected Not affected
Show less packages

CVE-2021-45956

Medium priority
Ignored

** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in print_mac (called from log_packet and dhcp_reply). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities,...

1 affected package

dnsmasq

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
dnsmasq Not affected Not affected Not affected Not affected
Show less packages

CVE-2021-45955

Medium priority
Ignored

** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in resize_packet (called from FuzzResizePacket and fuzz_rfc1035.c) because of the lack of a proper bounds check upon pseudo header re-insertion. NOTE: the vendor's...

1 affected package

dnsmasq

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
dnsmasq Not affected Not affected Not affected Not affected
Show less packages

CVE-2021-45954

Medium priority
Ignored

** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from answer_auth and FuzzAuth). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities,...

1 affected package

dnsmasq

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
dnsmasq Not affected Not affected Not affected Not affected
Show less packages

CVE-2021-45953

Medium priority
Ignored

** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from hash_questions and fuzz_util.c). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real...

1 affected package

dnsmasq

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
dnsmasq Not affected Not affected Not affected Not affected
Show less packages