CVE-2021-3448: A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ID to forge a reply and get it accepted by dnsmasq. This flaw makes a DNS Cache Poisoning attack much easier. The highest threat from this vulnerability is to data integrity. Fixed in 2.85, please bump.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ee7be1b8c8d143b052c2d0c00974e039430cdc37 commit ee7be1b8c8d143b052c2d0c00974e039430cdc37 Author: Patrick McLean <chutzpah@gentoo.org> AuthorDate: 2021-04-15 23:37:17 +0000 Commit: Patrick McLean <chutzpah@gentoo.org> CommitDate: 2021-04-15 23:37:17 +0000 net-dns/dnsmasq-2.85: Version bump (bug #782130) Bug: https://bugs.gentoo.org/782130 Package-Manager: Portage-3.0.18, Repoman-3.0.3 Signed-off-by: Patrick McLean <chutzpah@gentoo.org> net-dns/dnsmasq/Manifest | 1 + net-dns/dnsmasq/dnsmasq-2.85.ebuild | 217 ++++++++++++++++++++++++++++++++++++ 2 files changed, 218 insertions(+)
Thanks! Let us know when ready to stable.
Ping
amd64 stable
x86 stable
ppc64 done
arm64 done
ppc stable
sparc stable
arm done all arches done
Please cleanup, thanks!
New GLSA request filed.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6109df8405c78516589580b6d0867c000072752e commit 6109df8405c78516589580b6d0867c000072752e Author: Thomas Deutschmann <whissi@gentoo.org> AuthorDate: 2021-05-25 13:33:03 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2021-05-25 13:33:12 +0000 net-dns/dnsmasq: security cleanup Bug: https://bugs.gentoo.org/782130 Package-Manager: Portage-3.0.18, Repoman-3.0.3 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> net-dns/dnsmasq/Manifest | 2 - net-dns/dnsmasq/dnsmasq-2.83-r101.ebuild | 217 -------------------- net-dns/dnsmasq/dnsmasq-2.84-r101.ebuild | 221 --------------------- .../files/dnsmasq-2.84-version-string.patch | 13 -- 4 files changed, 453 deletions(-)
This issue was resolved and addressed in GLSA 202105-20 at https://security.gentoo.org/glsa/202105-20 by GLSA coordinator Thomas Deutschmann (whissi).