CVE-2020-25681 log
Source |
|
Severity | High |
Remote | Yes |
Type | Arbitrary code execution |
Description | A heap-based buffer overflow was discovered in dnsmasq before version 2.83 in the way it sorts RRSets before validating them with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to cause an overflow with arbitrary data in a heap-allocated memory, possibly executing code on the machine. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-1470 | dnsmasq | 2.82-2 | 2.83-1 | High | Fixed |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
20 Jan 2021 | ASA-202101-38 | AVG-1470 | dnsmasq | High | multiple issues |