AVG-1470 log

Package dnsmasq
Status Fixed
Severity High
Type multiple issues
Affected 2.82-2
Fixed 2.83-1
Current 2.86-1 [extra]
Ticket None
Created Tue Jan 19 12:52:46 2021
Issue Severity Remote Type Description
CVE-2020-25687 Medium Yes Denial of service
A heap-based buffer overflow was discovered in dnsmasq before version 2.83 when DNSSEC is enabled and before it validates the received DNS entries. A remote...
CVE-2020-25686 Medium Yes Insufficient validation
A flaw was found when receiving a query, where dnsmasq before version 2.83 does not check for an existing pending request for the same name and forwards a...
CVE-2020-25685 Medium Yes Insufficient validation
When getting a reply from a forwarded query, dnsmasq before version 2.83 checks in forward.c:reply_query() which one is the forwarded query that matches the...
CVE-2020-25684 Medium Yes Insufficient validation
A flaw was found when getting a reply from a forwarded query, where dnsmasq before version 2.83 checks in forward.c:reply_query() if the reply destination...
CVE-2020-25683 Medium Yes Denial of service
A heap-based buffer overflow was discovered in dnsmasq before version 2.83 when DNSSEC is enabled and before it validates the received DNS entries. A remote...
CVE-2020-25682 High Yes Arbitrary code execution
A buffer overflow vulnerability was discovered in the way dnsmasq before version 2.83 extract names from DNS packets before validating them with DNSSEC...
CVE-2020-25681 High Yes Arbitrary code execution
A heap-based buffer overflow was discovered in dnsmasq before version 2.83 in the way it sorts RRSets before validating them with DNSSEC data. An attacker...
Date Advisory Package Type
20 Jan 2021 ASA-202101-38 dnsmasq multiple issues