Bug 754273 (CVE-2020-25705)

Summary:	kernel: DNS cache poisoning (SAD DNS) (CVE-2020-25705)
Product:	Gentoo Security	Reporter:	Sam James <sam>
Component:	Kernel	Assignee:	Gentoo Kernel Security <security-kernel>
Status:	RESOLVED FIXED
Severity:	normal	CC:	hydrapolic
Priority:	Normal
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	https://www.cs.ucr.edu/~zhiyunq/SADDNS.html
Whiteboard:
Package list:		Runtime testing required:	---

Description Sam James archtester

2020-11-13 15:44:41 UTC

Patch: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b38e7819cae946e2edf869e604af1e65a5d241c5

But this is a 'stronger' fix AFAIK, as it fixes the problem at the source:

https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-5.4/random32-make-prandom_u32-output-unpredictable.patch

Comment 1 NATTkA bot gentoo-dev

2021-07-29 17:25:23 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 2 NATTkA bot gentoo-dev

2021-07-29 17:33:56 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 3 NATTkA bot gentoo-dev

2021-07-29 17:41:49 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 4 NATTkA bot gentoo-dev

2021-07-29 17:49:58 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 5 NATTkA bot gentoo-dev

2021-07-29 18:05:52 UTC

Package list is empty or all packages have requested keywords.

Comment 6 John Helmert III archtester

2022-03-26 01:10:05 UTC

Fix in 4.9.241, 4.14.203, 4.19.153, 5.4.73.