CVE-2020-25687 - log

CVE-2020-25687 edited at 19 Jan 2021 13:53:03
Description
- A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rtc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in sort_rrset() and cause a crash in dnsmasq, resulting in a Denial of Service.
+ A heap-based buffer overflow was discovered in dnsmasq before version 2.83 when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rtc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in sort_rrset() and cause a crash in dnsmasq, resulting in a Denial of Service.
CVE-2020-25687 edited at 19 Jan 2021 13:03:25
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Denial of service
Description
+ A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rtc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in sort_rrset() and cause a crash in dnsmasq, resulting in a Denial of Service.
References
+ https://www.openwall.com/lists/oss-security/2021/01/19/1
+ https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q1/014599.html
+ https://www.jsof-tech.com/disclosures/dnspooq/
+ https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=4e96a4be685c9e4445f6ee79ad0b36b9119b502a
Notes
CVE-2020-25687 created at 19 Jan 2021 12:52:46