Debian Linux Security Advisory 4844-1 - Moshe Kol and Shlomi Oberman of JSOF discovered several vulnerabilities in dnsmasq, a small caching DNS proxy and DHCP/TFTP server. They could result in denial of service, cache poisoning or the execution of arbitrary code.
e8796fb0d51a874f14fa08f40ef54df04e7a41a8ec5691ce2db533b0966e1ebfUbuntu Security Notice 4698-2 - USN-4698-1 fixed vulnerabilities in Dnsmasq. The updates introduced regressions in certain environments related to issues with multiple queries, and issues with retries. This update fixes the problem. Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled memory when sorting RRsets. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled extracting certain names. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly implemented address/port checks. A remote attacker could use this issue to perform a cache poisoning attack. Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly implemented query resource name checks. A remote attacker could use this issue to perform a cache poisoning attack. Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled multiple query requests for the same resource name. A remote attacker could use this issue to perform a cache poisoning attack. It was discovered that Dnsmasq incorrectly handled memory during DHCP response creation. A remote attacker could possibly use this issue to cause Dnsmasq to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Various other issues were also addressed.
e42a5bdd054f191f80e2ffa56b1efcc9969c7a22e49b0f34c75af8093966adecRed Hat Security Advisory 2021-0401-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a buffer overflow vulnerability.
034eb3e36fb41523c183cce7fb7db81b540b3f41c75420847bab7b9527045d5cRed Hat Security Advisory 2021-0395-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a buffer overflow vulnerability.
49977143520cecce774113ea2a67d42ba9b82c061e235564ca9f6f24094c01beRed Hat Security Advisory 2021-0281-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
dbb2906dd388b0ae05e96eb75aa85f2757386ed1012ef745eb72036c24c8f74cRed Hat Security Advisory 2021-0245-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server.
7326769caf10d825eb5619b9f2d8672b070282d65b70e5a85363a2d1c93e45d0Red Hat Security Advisory 2021-0240-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server.
c2e3eb73bcb1335246ba4b75aa396d2cda0e351c17f60e52b2aed87cda2e30f6Gentoo Linux Security Advisory 202101-17 - Multiple vulnerabilities have been found in Dnsmasq, the worst of which may allow remote attackers to execute arbitrary code. Versions less than 2.83 are affected.
d74f76a7c852d4e7f3291ec2d0874f62ca39a4044f320676208797e0e34e79a6Red Hat Security Advisory 2021-0155-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server.
54a1700ca996bed8d204dd3114fd45a0e703d3d1ac9e22020de24b48a9926ae8Red Hat Security Advisory 2021-0154-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server.
601d693d3116b894a5266fff04bebe2a7036af4dd8ba10f3a8eb1a4898eeb5f6Red Hat Security Advisory 2021-0153-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server.
fe0023c6ee15192e0d3139b7bd4dcbcd90821f565b10180db88ba58908ca07a0Red Hat Security Advisory 2021-0156-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server.
1e4e0f76e6eb80ac82ec2d706968beb107e3975182cf9f9da50a976d22dad8dfRed Hat Security Advisory 2021-0151-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Issues addressed include a buffer overflow vulnerability.
5cacb245ded9cb0275435d6d03ed5404c38a386848e0aebb23e203773a840c87Red Hat Security Advisory 2021-0152-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Issues addressed include a buffer overflow vulnerability.
9b59a676f7ab63b37837fc8aca08d6a1fcfb43fdce5b00d2ab7a4fb5581caad6Red Hat Security Advisory 2021-0150-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Issues addressed include a buffer overflow vulnerability.
edf41284ec526e49fbfc0b6cad88932a74ce20dec21784a5789b3eaf7d4ba150Ubuntu Security Notice 4698-1 - Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled memory when sorting RRsets. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled extracting certain names. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
9c1f6232a679d122ff8827bec18d6a2293e60660e241bd6df7f98f81f663017a
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed