39 results (0.006 seconds)

CVSS: 7.5 • EPSS: 5% • CPEs: 21 • EXPL: 1

Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records.

Processing specially crafted responses coming from DNSSEC-signed zones can lead to uncontrolled CPU usage, leading to a denial of service on the DNSSEC-validating resolver side. This vulnerability applies only to systems where DNSSEC validation is enabled.

• https://github.com/knqyf263/CVE-2023-50387
• http://www.openwall.com/lists/oss-security/2024/02/16/2
• http://www.openwall.com/lists/oss-security/2024/02/16/3
• https://access.redhat.com/security/cve/CVE-2023-50387
• https://bugzilla.suse.com/show_bug.cgi?id=1219823
• https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html
• https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1
• https://kb.isc.org/docs/cve-2023-50387
• https://lists&#

• CWE-400: Uncontrolled Resource Consumption
• CWE-770: Allocation of Resources Without Limits or Throttling

CVSS: 7.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020.

• https://capec.mitre.org/data/definitions/495.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6UQ6LKDTLSSD64TBIZ3XEKBM2SWC63VV
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OU2ZT4ITSEOOR2CFBAHK4Z67KXJIEWQA
• https://thekelleys.org.uk/dnsmasq/doc.html
• https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=blob%3Bf=CHANGELOG
• https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5
• https://acc

• CWE-770: Allocation of Resources Without Limits or Throttling

CVSS: 7.5 • EPSS: 0% • CPEs: 3 • EXPL: 0

A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet that is processed by dnsmasq to potentially cause a denial of service.

• https://access.redhat.com/security/cve/CVE-2022-0934
• https://bugzilla.redhat.com/show_bug.cgi?id=2057075
• https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016272.html
• https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=03345ecefeb0d82e3c3a4c28f27c3554f0611b39

• CWE-416: Use After Free

CVSS: 9.8 • EPSS: 0% • CPEs: 1 • EXPL: 1

** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in check_bad_address (called from check_for_bogus_wildcard and FuzzCheckForBogusWildcard). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge."

• https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35868
• https://github.com/google/oss-fuzz-vulns/blob/main/vulns/dnsmasq/OSV-2021-924.yaml
• https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016162.html
• https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016164.html

• CWE-787: Out-of-bounds Write

CVSS: 9.8 • EPSS: 0% • CPEs: 1 • EXPL: 1

** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in dhcp_reply (called from dhcp_packet and FuzzDhcp). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge."

• https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35870
• https://github.com/google/oss-fuzz-vulns/blob/main/vulns/dnsmasq/OSV-2021-927.yaml
• https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016162.html
• https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016164.html

• CWE-787: Out-of-bounds Write