Multiple vulnerabilities have been found in Dnsmasq, the worst of which may allow remote attackers to execute arbitrary code.
Package | net-dns/dnsmasq on all architectures |
---|---|
Affected versions | < 2.83 |
Unaffected versions | >= 2.83 |
Dnsmasq is a lightweight and easily-configurable DNS forwarder and DHCP server.
Multiple vulnerabilities have been discovered in Dnsmasq. Please review the references below for details.
An attacker, by sending specially crafted DNS replies, could possibly execute arbitrary code with the privileges of the process, perform a cache poisoning attack or cause a Denial of Service condition.
There is no known workaround at this time.
All Dnsmasq users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/dnsmasq-2.83"
Release date
January 22, 2021
Latest revision
January 22, 2021: 1
Severity
normal
Exploitable
local, remote
Bugzilla entries