Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 782130 (CVE-2021-3448) - <net-dns/dnsmasq-2.85: fixed outgoing port used when --server is used with an interface name (CVE-2021-3448)
Summary: <net-dns/dnsmasq-2.85: fixed outgoing port used when --server is used with an...
Status: RESOLVED FIXED
Alias: CVE-2021-3448
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor
Assignee: Gentoo Security
URL: https://lists.thekelleys.org.uk/piper...
Whiteboard: B3 [glsa+ cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2021-04-11 19:12 UTC by John Helmert III
Modified: 2021-05-26 08:59 UTC (History)
1 user (show)

See Also:
Package list:
net-dns/dnsmasq-2.85
Runtime testing required: ---
nattka: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2021-04-11 19:12:01 UTC
CVE-2021-3448:

A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ID to forge a reply and get it accepted by dnsmasq. This flaw makes a DNS Cache Poisoning attack much easier. The highest threat from this vulnerability is to data integrity.


Fixed in 2.85, please bump.
Comment 1 Larry the Git Cow gentoo-dev 2021-04-15 23:37:37 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ee7be1b8c8d143b052c2d0c00974e039430cdc37

commit ee7be1b8c8d143b052c2d0c00974e039430cdc37
Author:     Patrick McLean <chutzpah@gentoo.org>
AuthorDate: 2021-04-15 23:37:17 +0000
Commit:     Patrick McLean <chutzpah@gentoo.org>
CommitDate: 2021-04-15 23:37:17 +0000

    net-dns/dnsmasq-2.85: Version bump (bug #782130)
    
    Bug: https://bugs.gentoo.org/782130
    Package-Manager: Portage-3.0.18, Repoman-3.0.3
    Signed-off-by: Patrick McLean <chutzpah@gentoo.org>

 net-dns/dnsmasq/Manifest            |   1 +
 net-dns/dnsmasq/dnsmasq-2.85.ebuild | 217 ++++++++++++++++++++++++++++++++++++
 2 files changed, 218 insertions(+)
Comment 2 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-04-16 02:21:53 UTC
Thanks! Let us know when ready to stable.
Comment 3 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-04-26 22:10:17 UTC
Ping
Comment 4 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-05-06 05:47:22 UTC
Ping
Comment 5 Agostino Sarubbo gentoo-dev 2021-05-12 07:58:42 UTC
amd64 stable
Comment 6 Agostino Sarubbo gentoo-dev 2021-05-12 20:12:42 UTC
x86 stable
Comment 7 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-05-13 16:24:09 UTC
ppc64 done
Comment 8 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-05-13 21:14:09 UTC
arm64 done
Comment 9 Agostino Sarubbo gentoo-dev 2021-05-14 06:42:13 UTC
ppc stable
Comment 10 Agostino Sarubbo gentoo-dev 2021-05-14 06:45:28 UTC
sparc stable
Comment 11 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-05-15 02:41:22 UTC
arm done

all arches done
Comment 12 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-05-15 02:55:24 UTC
Please cleanup, thanks!
Comment 13 Thomas Deutschmann (RETIRED) gentoo-dev 2021-05-25 13:31:10 UTC
New GLSA request filed.
Comment 14 Larry the Git Cow gentoo-dev 2021-05-25 13:33:17 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6109df8405c78516589580b6d0867c000072752e

commit 6109df8405c78516589580b6d0867c000072752e
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2021-05-25 13:33:03 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2021-05-25 13:33:12 +0000

    net-dns/dnsmasq: security cleanup
    
    Bug: https://bugs.gentoo.org/782130
    Package-Manager: Portage-3.0.18, Repoman-3.0.3
    Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>

 net-dns/dnsmasq/Manifest                           |   2 -
 net-dns/dnsmasq/dnsmasq-2.83-r101.ebuild           | 217 --------------------
 net-dns/dnsmasq/dnsmasq-2.84-r101.ebuild           | 221 ---------------------
 .../files/dnsmasq-2.84-version-string.patch        |  13 --
 4 files changed, 453 deletions(-)
Comment 15 GLSAMaker/CVETool Bot gentoo-dev 2021-05-26 08:59:37 UTC
This issue was resolved and addressed in
 GLSA 202105-20 at https://security.gentoo.org/glsa/202105-20
by GLSA coordinator Thomas Deutschmann (whissi).