CVE-2020-25681
dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to cause a buffer overflow with arbitrary data in a heap memory segment, possibly executing code on the machine. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Se encontró un fallo en dnsmasq versiones anteriores a 2.83. Se detectó un desbordamiento del búfer en la región heap de la memoria en la manera en que se clasifican los RRSets antes de validarlos con los datos de DNSSEC. Un atacante en la red, que puede falsificar respuestas DNS tal que son aceptadas como válidas, podría usar este fallo para causar un desbordamiento del búfer con datos arbitrarios en un segmento de la memoria de la pila, posiblemente ejecutando código en la máquina. La mayor amenaza de esta vulnerabilidad es la confidencialidad e integridad de los datos, así como la disponibilidad del sistema
A flaw was found in dnsmasq. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to cause a buffer overflow with arbitrary data in a heap memory segment, possibly executing code on the machine. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-09-16 CVE Reserved
- 2021-01-19 CVE Published
- 2024-08-04 CVE Updated
- 2024-11-09 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-122: Heap-based Buffer Overflow
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| https://lists.debian.org/debian-lts-announce/2021/03/msg00027.html | Mailing List |
|
| https://www.jsof-tech.com/disclosures/dnspooq | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1881875 | 2021-01-19 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Thekelleys Search vendor "Thekelleys" | Dnsmasq Search vendor "Thekelleys" for product "Dnsmasq" | < 2.83 Search vendor "Thekelleys" for product "Dnsmasq" and version " < 2.83" | - |
Affected
| ||||||
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 32 Search vendor "Fedoraproject" for product "Fedora" and version "32" | - |
Affected
| ||||||
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 33 Search vendor "Fedoraproject" for product "Fedora" and version "33" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 9.0 Search vendor "Debian" for product "Debian Linux" and version "9.0" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 10.0 Search vendor "Debian" for product "Debian Linux" and version "10.0" | - |
Affected
| ||||||