Your submission was sent successfully! Close

USN-4976-2: Dnsmasq vulnerability

7 September 2022

Dnsmasq could be exposed to cache poisoning.

Releases

Packages

  • dnsmasq - Small caching DNS proxy and DHCP/TFTP server

Details

USN-4976-1 fixed a vulnerability in Dnsmasq. This update provides
the corresponding update for Ubuntu 16.04 ESM.

Dnsmasq has been updated to 2.79-1 for Ubuntu 16.04 ESM in order to fix
some security issues.

Original advisory details:

Petr Mensik discovered that Dnsmasq incorrectly randomized source ports in
certain configurations. A remote attacker could possibly use this issue to
facilitate DNS cache poisoning attacks.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

Related notices

  • USN-4976-1: dnsmasq-utils, dnsmasq-base-lua, dnsmasq-base, dnsmasq