Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 782130 (CVE-2021-3448) - <net-dns/dnsmasq-2.85: fixed outgoing port used when --server is used with an interface name (CVE-2021-3448)
Summary: <net-dns/dnsmasq-2.85: fixed outgoing port used when --server is used with an...
Status: RESOLVED FIXED
Alias: CVE-2021-3448
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://lists.thekelleys.org.uk/piper...
Whiteboard: B3 [glsa+ cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2021-04-11 19:12 UTC by John Helmert III
Modified: 2021-05-26 08:59 UTC (History)
1 user (show)

See Also:
Package list:
net-dns/dnsmasq-2.85
Runtime testing required: ---
nattka: sanity-check+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2021-04-11 19:12:01 UTC 
CVE-2021-3448:

A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ID to forge a reply and get it accepted by dnsmasq. This flaw makes a DNS Cache Poisoning attack much easier. The highest threat from this vulnerability is to data integrity.


Fixed in 2.85, please bump.
Comment 1 Larry the Git Cow gentoo-dev 2021-04-15 23:37:37 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ee7be1b8c8d143b052c2d0c00974e039430cdc37

commit ee7be1b8c8d143b052c2d0c00974e039430cdc37
Author:     Patrick McLean <chutzpah@gentoo.org>
AuthorDate: 2021-04-15 23:37:17 +0000
Commit:     Patrick McLean <chutzpah@gentoo.org>
CommitDate: 2021-04-15 23:37:17 +0000

    net-dns/dnsmasq-2.85: Version bump (bug #782130)
    
    Bug: https://bugs.gentoo.org/782130
    Package-Manager: Portage-3.0.18, Repoman-3.0.3
    Signed-off-by: Patrick McLean <chutzpah@gentoo.org>

 net-dns/dnsmasq/Manifest            |   1 +
 net-dns/dnsmasq/dnsmasq-2.85.ebuild | 217 ++++++++++++++++++++++++++++++++++++
 2 files changed, 218 insertions(+)
Comment 2 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-04-16 02:21:53 UTC 
Thanks! Let us know when ready to stable.
Comment 3 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-04-26 22:10:17 UTC 
Ping
Comment 4 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-05-06 05:47:22 UTC 
Ping
Comment 5 Agostino Sarubbo gentoo-dev 2021-05-12 07:58:42 UTC 
amd64 stable
Comment 6 Agostino Sarubbo gentoo-dev 2021-05-12 20:12:42 UTC 
x86 stable
Comment 7 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-05-13 16:24:09 UTC 
ppc64 done
Comment 8 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-05-13 21:14:09 UTC 
arm64 done
Comment 9 Agostino Sarubbo gentoo-dev 2021-05-14 06:42:13 UTC 
ppc stable
Comment 10 Agostino Sarubbo gentoo-dev 2021-05-14 06:45:28 UTC 
sparc stable
Comment 11 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-05-15 02:41:22 UTC 
arm done

all arches done
Comment 12 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-05-15 02:55:24 UTC 
Please cleanup, thanks!
Comment 13 Thomas Deutschmann (RETIRED) gentoo-dev 2021-05-25 13:31:10 UTC 
New GLSA request filed.
Comment 14 Larry the Git Cow gentoo-dev 2021-05-25 13:33:17 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6109df8405c78516589580b6d0867c000072752e

commit 6109df8405c78516589580b6d0867c000072752e
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2021-05-25 13:33:03 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2021-05-25 13:33:12 +0000

    net-dns/dnsmasq: security cleanup
    
    Bug: https://bugs.gentoo.org/782130
    Package-Manager: Portage-3.0.18, Repoman-3.0.3
    Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>

 net-dns/dnsmasq/Manifest                           |   2 -
 net-dns/dnsmasq/dnsmasq-2.83-r101.ebuild           | 217 --------------------
 net-dns/dnsmasq/dnsmasq-2.84-r101.ebuild           | 221 ---------------------
 .../files/dnsmasq-2.84-version-string.patch        |  13 --
 4 files changed, 453 deletions(-)
Comment 15 GLSAMaker/CVETool Bot gentoo-dev 2021-05-26 08:59:37 UTC 
This issue was resolved and addressed in
 GLSA 202105-20 at https://security.gentoo.org/glsa/202105-20
by GLSA coordinator Thomas Deutschmann (whissi).