Sicherheit: Mehrere Probleme in Dnsmasq

Lesezeichen hinzufügen

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============5053923261492519878==
Content-Type: multipart/signed; micalg=pgp-sha256;
protocol="application/pgp-signature";
boundary="XFR1MISWKXaFKeO7Nj4PXpFzHB2NCI6z6"

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--XFR1MISWKXaFKeO7Nj4PXpFzHB2NCI6z6
Content-Type: multipart/mixed;
boundary="m8dG1TfRfm2RCMqKDuyCWTjIpPV9bujfv";
protected-headers="v1"
From: Marc Deslauriers <marc.deslauriers@canonical.com>
To: "ubuntu-security-announce@lists.ubuntu.com"
<ubuntu-security-announce@lists.ubuntu.com>
Message-ID: <d2db4b08-0f4a-bcb2-c0ef-c7c0e48f1875@canonical.com>
Subject: [USN-4698-1] Dnsmasq vulnerabilities

--m8dG1TfRfm2RCMqKDuyCWTjIpPV9bujfv
Content-Type: text/plain; charset=utf-8
Content-Language: en-C
Content-Transfer-Encoding: quoted-printable

==========================================================================
Ubuntu Security Notice USN-4698-1
January 19, 2021

dnsmasq vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in Dnsmasq.

Software Description:
- dnsmasq: Small caching DNS proxy and DHCP/TFTP server

Details:

Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled
memory when sorting RRsets. A remote attacker could use this issue to cause
Dnsmasq to hang, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2020-25681, CVE-2020-25687)

Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled
extracting certain names. A remote attacker could use this issue to cause
Dnsmasq to hang, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2020-25682, CVE-2020-25683)

Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly
implemented address/port checks. A remote attacker could use this issue to
perform a cache poisoning attack. (CVE-2020-25684)

Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly
implemented query resource name checks. A remote attacker could use this
issue to perform a cache poisoning attack. (CVE-2020-25685)

Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled
multiple query requests for the same resource name. A remote attacker could
use this issue to perform a cache poisoning attack. (CVE-2020-25686)

It was discovered that Dnsmasq incorrectly handled memory during DHCP
response creation. A remote attacker could possibly use this issue to
cause Dnsmasq to consume resources, leading to a denial of service. This
issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04
LTS. (CVE-2019-14834)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.10:
dnsmasq 2.82-1ubuntu1.1
dnsmasq-base 2.82-1ubuntu1.1
dnsmasq-utils 2.82-1ubuntu1.1

Ubuntu 20.04 LTS:
dnsmasq 2.80-1.1ubuntu1.2
dnsmasq-base 2.80-1.1ubuntu1.2
dnsmasq-utils 2.80-1.1ubuntu1.2

Ubuntu 18.04 LTS:
dnsmasq 2.79-1ubuntu0.2
dnsmasq-base 2.79-1ubuntu0.2
dnsmasq-utils 2.79-1ubuntu0.2

Ubuntu 16.04 LTS:
dnsmasq 2.75-1ubuntu0.16.04.7
dnsmasq-base 2.75-1ubuntu0.16.04.7
dnsmasq-utils 2.75-1ubuntu0.16.04.7

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
https://usn.ubuntu.com/4698-1
CVE-2019-14834, CVE-2020-25681, CVE-2020-25682, CVE-2020-25683,
CVE-2020-25684, CVE-2020-25685, CVE-2020-25686, CVE-2020-25687

Package Information:
https://launchpad.net/ubuntu/+source/dnsmasq/2.82-1ubuntu1.1
https://launchpad.net/ubuntu/+source/dnsmasq/2.80-1.1ubuntu1.2
https://launchpad.net/ubuntu/+source/dnsmasq/2.79-1ubuntu0.2
https://launchpad.net/ubuntu/+source/dnsmasq/2.75-1ubuntu0.16.04.7

--m8dG1TfRfm2RCMqKDuyCWTjIpPV9bujfv--

--XFR1MISWKXaFKeO7Nj4PXpFzHB2NCI6z6
Content-Type: application/pgp-signature; name="OpenPGP_signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="OpenPGP_signature"

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAmAG2MQACgkQZWnYVadE
vpO9BA//WQvJus+cJFYHpn4DkIMsfMHChojLSP63b4rkeS3h0ZX3sSInkCnN/Yyy
ZHstNOH5mU6jxrlMNcMSVGtH90QF/olByNBKv6sJwclGS/tg3VLD7KvGACqlnxOf
ELZLpzCaeLyLJdv1xxUCWy/KHxH0n3FbgAAEPHeyTBc5hxGytHbNxC42jwBO8OVC
gru41dBPzTEd4wheGZyU+lc4gYwBzE0APaLMHOBL1JvxOGQQlFrlpA0PquuLw7hs
K55zOCf3IxZ201koumJy69+x24Pyb76SrKl/3mhRkVQsqydxwXtBysg8C0t1Ompm
1f5nyiLO6VPK4VilXXrwPCh47Cw4uAkF2NgytFYPk59azS4jQc2G6Uosgmk3xhNV
Ac1jvdPSmVBuAPoehda2E1jKfvj0+XrtRH1+L3J1SBscBMm1T2cUlYPznhi1jEhq
DvS+0b1LZdyW+CFsrh6dvdp6lWjQ8wJS0bWOpQgf4GX7tHOKjdoUUoN0SL4Gcrpk
fFG5m4qG/hrpQKCzon8Y94vW6eAOPGk0YkNBg2ivvr0N8CiVbe1ZQhoSWw6Q//Gw
y99xuqaYLRMnADanm/LGeJZZ+r2i0ntbUXDE+/WSRAVFl+WEs0CUvYqErd3AsYPq
8Bnu5DYYDh7lNO6Q1sFbZ7OIUC78Cac1BYd0My+4xZ60eYcZn0o=
=424/
-----END PGP SIGNATURE-----

--XFR1MISWKXaFKeO7Nj4PXpFzHB2NCI6z6--

--===============5053923261492519878==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline

LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5
LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl
IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj
dXJpdHktYW5ub3VuY2UK

--===============5053923261492519878==--