ID

VAR-202101-0221


CVE

CVE-2020-25685


TITLE

Dnsmasq security feature issue vulnerability (CNVD-2021-16430)

Trust: 0.6

sources: CNVD: CNVD-2021-16430

DESCRIPTION

A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity. Dnsmasq is a lightweight DNS forwarding and DHCP and TFTP server written in C language. Dnsmasq has a security vulnerability, which stems from the use of a weak hash algorithm (CRC32) to verify DNS responses when compiling without dnnssec. No detailed vulnerability details are currently provided. For the stable distribution (buster), these problems have been fixed in version 2.80-1+deb10u1. We recommend that you upgrade your dnsmasq packages. For the detailed security status of dnsmasq please refer to its security tracker page at: https://security-tracker.debian.org/tracker/dnsmasq Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEEAqSkbVtrXP4xJMh3EL6Jg/PVnWQFAmAZVA4ACgkQEL6Jg/PV nWQYKAgAgVwonRAgXSliaFh0n44OPOz9wf4KibG7otcnAx4V4XqFAeXsHd/hIX/K IC313F3I+8WzvjKBhvt2KnGG9SnoTnq4roBIa1nz//vNX0hyfDm5xPlxQOExzC+c YS8kGt++SvC2wgOsrZEjyk0ecKqDJmZSwW31zXG9/2kTzCbKjuDp+i4TTADqabPC AgbmEGVKBR2Fk7K9Prct27oWoj7LHMaH+Ttb8uQGnG7OgJs9KyRI+2qIu+VaRCGf yfRj+XayPYHV1Amf5dLIKcLMMp/FnkNFoO2YIAZkWVPjXD2uPKUykJJ1GRl8R+0q qtNhPTNNuD6WnYzC8yP0KIQ2tsbg9Q== =j5Ka -----END PGP SIGNATURE----- . ========================================================================== Ubuntu Security Notice USN-4698-2 February 24, 2021 dnsmasq regression ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.10 - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: USN-4698-1 introduced regressions in Dnsmasq. Software Description: - dnsmasq: Small caching DNS proxy and DHCP/TFTP server Details: USN-4698-1 fixed vulnerabilities in Dnsmasq. The updates introduced regressions in certain environments related to issues with multiple queries, and issues with retries. This update fixes the problem. Original advisory details: Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled memory when sorting RRsets. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-25681, CVE-2020-25687) Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled extracting certain names. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-25682, CVE-2020-25683) Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly implemented address/port checks. (CVE-2020-25684) Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly implemented query resource name checks. (CVE-2020-25685) Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled multiple query requests for the same resource name. (CVE-2020-25686) It was discovered that Dnsmasq incorrectly handled memory during DHCP response creation. A remote attacker could possibly use this issue to cause Dnsmasq to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2019-14834) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.10: dnsmasq 2.82-1ubuntu1.2 dnsmasq-base 2.82-1ubuntu1.2 dnsmasq-utils 2.82-1ubuntu1.2 Ubuntu 20.04 LTS: dnsmasq 2.80-1.1ubuntu1.3 dnsmasq-base 2.80-1.1ubuntu1.3 dnsmasq-utils 2.80-1.1ubuntu1.3 Ubuntu 18.04 LTS: dnsmasq 2.79-1ubuntu0.3 dnsmasq-base 2.79-1ubuntu0.3 dnsmasq-utils 2.79-1ubuntu0.3 Ubuntu 16.04 LTS: dnsmasq 2.75-1ubuntu0.16.04.8 dnsmasq-base 2.75-1ubuntu0.16.04.8 dnsmasq-utils 2.75-1ubuntu0.16.04.8 After a standard system update you need to reboot your computer to make all the necessary changes. Description: OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains the following OpenShift Virtualization 2.6.0 images: RHEL-8-CNV-2.6 =============kubevirt-cpu-node-labeller-container-v2.6.0-5 kubevirt-cpu-model-nfd-plugin-container-v2.6.0-5 node-maintenance-operator-container-v2.6.0-13 kubevirt-vmware-container-v2.6.0-5 virtio-win-container-v2.6.0-5 kubevirt-kvm-info-nfd-plugin-container-v2.6.0-5 bridge-marker-container-v2.6.0-9 kubevirt-template-validator-container-v2.6.0-9 kubevirt-v2v-conversion-container-v2.6.0-6 kubemacpool-container-v2.6.0-13 kubevirt-ssp-operator-container-v2.6.0-40 hyperconverged-cluster-webhook-container-v2.6.0-73 hyperconverged-cluster-operator-container-v2.6.0-73 ovs-cni-plugin-container-v2.6.0-10 cnv-containernetworking-plugins-container-v2.6.0-10 ovs-cni-marker-container-v2.6.0-10 cluster-network-addons-operator-container-v2.6.0-16 hostpath-provisioner-container-v2.6.0-11 hostpath-provisioner-operator-container-v2.6.0-14 vm-import-virtv2v-container-v2.6.0-21 kubernetes-nmstate-handler-container-v2.6.0-19 vm-import-controller-container-v2.6.0-21 vm-import-operator-container-v2.6.0-21 virt-api-container-v2.6.0-111 virt-controller-container-v2.6.0-111 virt-handler-container-v2.6.0-111 virt-operator-container-v2.6.0-111 virt-launcher-container-v2.6.0-111 cnv-must-gather-container-v2.6.0-54 virt-cdi-importer-container-v2.6.0-24 virt-cdi-cloner-container-v2.6.0-24 virt-cdi-controller-container-v2.6.0-24 virt-cdi-uploadserver-container-v2.6.0-24 virt-cdi-apiserver-container-v2.6.0-24 virt-cdi-uploadproxy-container-v2.6.0-24 virt-cdi-operator-container-v2.6.0-24 hco-bundle-registry-container-v2.6.0-582 Security Fix(es): * golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic (CVE-2020-9283) * golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference (CVE-2020-29652) * gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121) * golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040) * golang: data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586) * golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845) * jwt-go: access restriction bypass vulnerability (CVE-2020-26160) * golang-github-gorilla-websocket: integer overflow leads to denial of service (CVE-2020-27813) * golang: math/big: panic during recursive division of very large numbers (CVE-2020-28362) * containernetworking-cni: Arbitrary path injection via type field in CNI configuration (CVE-2021-20206) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bugs fixed (https://bugzilla.redhat.com/): 1732329 - Virtual Machine is missing documentation of its properties in yaml editor 1783192 - Guest kernel panic when start RHEL6.10 guest with q35 machine type and virtio disk in cnv 1791753 - [RFE] [SSP] Template validator should check validations in template's parent template 1804533 - CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic 1848954 - KMP missing CA extensions in cabundle of mutatingwebhookconfiguration 1848956 - KMP requires downtime for CA stabilization during certificate rotation 1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash 1853911 - VM with dot in network name fails to start with unclear message 1854098 - NodeNetworkState on workers doesn't have "status" key due to nmstate-handler pod failure to run "nmstatectl show" 1856347 - SR-IOV : Missing network name for sriov during vm setup 1856953 - CVE-2020-15586 golang: data race in certain net/http servers including ReverseProxy can lead to DoS 1859235 - Common Templates - after upgrade there are 2 common templates per each os-workload-flavor combination 1860714 - No API information from `oc explain` 1860992 - CNV upgrade - users are not removed from privileged SecurityContextConstraints 1864577 - [v2v][RHV to CNV non migratable source VM fails to import to Ceph-rbd / File system due to overhead required for Filesystem 1866593 - CDI is not handling vm disk clone 1867099 - CVE-2020-16845 golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs 1868817 - Container-native Virtualization 2.6.0 Images 1873771 - Improve the VMCreationFailed error message caused by VM low memory 1874812 - SR-IOV: Guest Agent expose link-local ipv6 address for sometime and then remove it 1878499 - DV import doesn't recover from scratch space PVC deletion 1879108 - Inconsistent naming of "oc virt" command in help text 1881874 - openshift-cnv namespace is getting stuck if the user tries to delete it while CNV is running 1883232 - Webscale: kubevirt/CNV datavolume importer pod inability to disable sidecar injection if namespace has sidecar injection enabled but VM Template does NOT 1883371 - CVE-2020-26160 jwt-go: access restriction bypass vulnerability 1885153 - [v2v][RHV to CNv VM import] Wrong Network mapping do not show a relevant error message 1885418 - [openshift-cnv] issues with memory overhead calculation when limits are used 1887398 - [openshift-cnv][CNV] nodes need to exist and be labeled first, *before* the NodeNetworkConfigurationPolicy is applied 1889295 - [v2v][VMware to CNV VM import API] diskMappings: volumeMode Block is not passed on to PVC request. 1891285 - Common templates and kubevirt-config cm - update machine-type 1891440 - [v2v][VMware to CNV VM import API]Source VM with no network interface fail with unclear error 1892227 - [SSP] cluster scoped resources are not being reconciled 1893278 - openshift-virtualization-os-images namespace not seen by user 1893646 - [HCO] Pod placement configuration - dry run is not performed for all the configuration stanza 1894428 - Message for VMI not migratable is not clear enough 1894824 - [v2v][VM import] Pick the smallest template for the imported VM, and not always Medium 1894897 - [v2v][VMIO] VMimport CR is not reported as failed when target VM is deleted during the import 1895414 - Virt-operator is accepting updates to the placement of its workload components even with running VMs 1897635 - CVE-2020-28362 golang: math/big: panic during recursive division of very large numbers 1898072 - Add Fedora33 to Fedora common templates 1898840 - [v2v] VM import VMWare to CNV Import 63 chars vm name should not fail 1899558 - CNV 2.6 - nmstate fails to set state 1901480 - VM disk io can't worked if namespace have label kubemacpool 1902046 - Not possible to edit CDIConfig (through CDI CR / CDIConfig) 1902111 - CVE-2020-27813 golang-github-gorilla-websocket: integer overflow leads to denial of service 1903014 - hco-webhook pod in CreateContainerError 1903585 - [v2v] Windows 2012 VM imported from RHV goes into Windows repair mode 1904797 - [VMIO][vmware] A migrated RHEL/Windows VM starts in emergency mode/safe mode when target storage is NFS and target namespace is NOT "default" 1906199 - [CNV-2.5] CNV Tries to Install on Windows Workers 1907151 - kubevirt version is not reported correctly via virtctl 1907352 - VM/VMI link changes to `kubevirt.io~v1~VirtualMachineInstance` on CNV 2.6 1907691 - [CNV] Configuring NodeNetworkConfigurationPolicy caused "Internal error occurred" for creating datavolume 1907988 - VM loses dynamic IP address of its default interface after migration 1908363 - Applying NodeNetworkConfigurationPolicy for different NIC than default disables br-ex bridge and nodes lose connectivity 1908421 - [v2v] [VM import RHV to CNV] Windows imported VM boot failed: INACCESSIBLE BOOT DEVICE error 1908883 - CVE-2020-29652 golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference 1909458 - [V2V][VMware to CNV VM import via api using VMIO] VM import to Ceph RBD/BLOCK fails on "qemu-img: /data/disk.img" error 1910857 - Provide a mechanism to enable the HotplugVolumes feature gate via HCO 1911118 - Windows VMI LiveMigration / shutdown fails on 'XML error: non unique alias detected: ua-') 1911396 - Set networkInterfaceMultiqueue false in rhel 6 template for e1000e interface 1911662 - el6 guests don't work properly if virtio bus is specified on various devices 1912908 - Allow using "scsi" bus for disks in template validation 1913248 - Creating vlan interface on top of a bond device via NodeNetworkConfigurationPolicy fails 1913320 - Informative message needed with virtctl image-upload, that additional step is needed from the user 1913717 - Users should have read permitions for golden images data volumes 1913756 - Migrating to Ceph-RBD + Block fails when skipping zeroes 1914177 - CNV does not preallocate blank file data volumes 1914608 - Obsolete CPU models (kubevirt-cpu-plugin-configmap) are set on worker nodes 1914947 - HPP golden images - DV shoudld not be created with WaitForFirstConsumer 1917908 - [VMIO] vmimport pod fail to create when using ceph-rbd/block 1917963 - [CNV 2.6] Unable to install CNV disconnected - requires kvm-info-nfd-plugin which is not mirrored 1919391 - CVE-2021-20206 containernetworking-cni: Arbitrary path injection via type field in CNI configuration 1920576 - HCO can report ready=true when it failed to create a CR for a component operator 1920610 - e2e-aws-4.7-cnv consistently failing on Hyperconverged Cluster Operator 1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation 1923979 - kubernetes-nmstate: nmstate-handler pod crashes when configuring bridge device using ip tool 1927373 - NoExecute taint violates pdb; VMIs are not live migrated 1931376 - VMs disconnected from nmstate-defined bridge after CNV-2.5.4->CNV-2.6.0 upgrade 5. 7.7) - ppc64, ppc64le, s390x, x86_64 3. 8.1) - aarch64, ppc64le, s390x, x86_64 3. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: dnsmasq security update Advisory ID: RHSA-2021:0156-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:0156 Issue date: 2021-01-19 CVE Names: CVE-2020-25684 CVE-2020-25685 CVE-2020-25686 ==================================================================== 1. Summary: An update for dnsmasq is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server AUS (v. 7.4) - x86_64 Red Hat Enterprise Linux Server E4S (v. 7.4) - ppc64le, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 7.4) - x86_64 Red Hat Enterprise Linux Server Optional E4S (v. 7.4) - ppc64le, x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 7.4) - x86_64 Red Hat Enterprise Linux Server TUS (v. 7.4) - x86_64 3. Security Fix(es): * dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684) * dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685) * dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1889686 - CVE-2020-25684 dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker 1889688 - CVE-2020-25685 dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker 1890125 - CVE-2020-25686 dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker 6. Package List: Red Hat Enterprise Linux Server AUS (v. 7.4): Source: dnsmasq-2.76-2.el7_4.3.src.rpm x86_64: dnsmasq-2.76-2.el7_4.3.x86_64.rpm dnsmasq-debuginfo-2.76-2.el7_4.3.x86_64.rpm Red Hat Enterprise Linux Server E4S (v. 7.4): Source: dnsmasq-2.76-2.el7_4.3.src.rpm ppc64le: dnsmasq-2.76-2.el7_4.3.ppc64le.rpm dnsmasq-debuginfo-2.76-2.el7_4.3.ppc64le.rpm x86_64: dnsmasq-2.76-2.el7_4.3.x86_64.rpm dnsmasq-debuginfo-2.76-2.el7_4.3.x86_64.rpm Red Hat Enterprise Linux Server TUS (v. 7.4): Source: dnsmasq-2.76-2.el7_4.3.src.rpm x86_64: dnsmasq-2.76-2.el7_4.3.x86_64.rpm dnsmasq-debuginfo-2.76-2.el7_4.3.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 7.4): x86_64: dnsmasq-debuginfo-2.76-2.el7_4.3.x86_64.rpm dnsmasq-utils-2.76-2.el7_4.3.x86_64.rpm Red Hat Enterprise Linux Server Optional E4S (v. 7.4): ppc64le: dnsmasq-debuginfo-2.76-2.el7_4.3.ppc64le.rpm dnsmasq-utils-2.76-2.el7_4.3.ppc64le.rpm x86_64: dnsmasq-debuginfo-2.76-2.el7_4.3.x86_64.rpm dnsmasq-utils-2.76-2.el7_4.3.x86_64.rpm Red Hat Enterprise Linux Server Optional TUS (v. 7.4): x86_64: dnsmasq-debuginfo-2.76-2.el7_4.3.x86_64.rpm dnsmasq-utils-2.76-2.el7_4.3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-25684 https://access.redhat.com/security/cve/CVE-2020-25685 https://access.redhat.com/security/cve/CVE-2020-25686 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/security/vulnerabilities/RHSB-2021-001 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYAbg5dzjgjWX9erEAQjfmA//U9huQUHWE5px5MpvL3/7ZlTnU3Q23tSz lOkHHhl4hwFmETAaVUv/Zoc1N7OfxHzC6C4ot2+rPFj+oMcZQeXUrfhKZkG5kWMn Qy/yIN9myOJ9jjM+2NmF+nQPAiIVi2fU/LkDIEYGXihDZB67/bvu2ErbX2dEOGaH ikX4JNYAVw8vnCZgRy2bbXq47Nff8oeys9sTcDWIq61Svg2mHYYtIoF4Xmz5N5u5 Gb+75FFSxlBoNQFbDyydm19UpGTGZ1dP5Giquvuv8hN0lXGDZN39TANk8FruwnB+ ibyRgzf1R3IwDKbMdkICVOtxfR6cMUXOk5fB6bygyL8Ki6o03N1/HPnQTOQ3XPDO Ya0eswXvMpG8DdhIPi6xlVhorxDj4QKaVKC82rnbb27KJP+UPC8KXfp8lEZSD0zX 56f2O2t42rjzrulnijDdeHtW6oI1MytA/hVLLM0Sdt6PYS19jflucnwP2UuZn0aR RRWjdK6Tx0OYxpPQBYVKygzm+0ke7Ee5BoGn+sYU5SZSH6ro0AlfIRVQn6XmTGUj Gotg6jc4a6HXjhrA72lkxvW9pzFVXpfiQ/VFhBblP39dcCXXyRfTSzgbutDAz7eu 5R8SwUBVIJ0e/Pp32WAMapLfKc+Pj9VG/INfwYYxtpWooy2cHk+3HZIy8gXylhCA lyNYjR6LrCc=sh0K -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202101-17 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Dnsmasq: Multiple vulnerabilities Date: January 22, 2021 Bugs: #766126 ID: 202101-17 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in Dnsmasq, the worst of which may allow remote attackers to execute arbitrary code. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-dns/dnsmasq < 2.83 >= 2.83 Description =========== Multiple vulnerabilities have been discovered in Dnsmasq. Workaround ========== There is no known workaround at this time. Resolution ========== All Dnsmasq users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/dnsmasq-2.83" References ========== [ 1 ] CVE-2020-25681 https://nvd.nist.gov/vuln/detail/CVE-2020-25681 [ 2 ] CVE-2020-25682 https://nvd.nist.gov/vuln/detail/CVE-2020-25682 [ 3 ] CVE-2020-25683 https://nvd.nist.gov/vuln/detail/CVE-2020-25683 [ 4 ] CVE-2020-25684 https://nvd.nist.gov/vuln/detail/CVE-2020-25684 [ 5 ] CVE-2020-25685 https://nvd.nist.gov/vuln/detail/CVE-2020-25685 [ 6 ] CVE-2020-25686 https://nvd.nist.gov/vuln/detail/CVE-2020-25686 [ 7 ] CVE-2020-25687 https://nvd.nist.gov/vuln/detail/CVE-2020-25687 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202101-17 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2021 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5

Trust: 2.34

sources: NVD: CVE-2020-25685 // CNVD: CNVD-2021-16430 // VULMON: CVE-2020-25685 // PACKETSTORM: 169002 // PACKETSTORM: 161535 // PACKETSTORM: 161742 // PACKETSTORM: 161019 // PACKETSTORM: 161013 // PACKETSTORM: 161010 // PACKETSTORM: 161015 // PACKETSTORM: 161085 // PACKETSTORM: 161101

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2021-16430

AFFECTED PRODUCTS

vendor:fedoraprojectmodel:fedorascope:eqversion:33

Trust: 1.0

vendor:aristamodel:eosscope:ltversion:4.24.5m

Trust: 1.0

vendor:aristamodel:eosscope:gteversion:4.22

Trust: 1.0

vendor:aristamodel:eosscope:gteversion:4.21

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:10.0

Trust: 1.0

vendor:aristamodel:eosscope:ltversion:4.23.7m

Trust: 1.0

vendor:aristamodel:eosscope:ltversion:4.25.2f

Trust: 1.0

vendor:aristamodel:eosscope:gteversion:4.23

Trust: 1.0

vendor:aristamodel:eosscope:ltversion:4.22.9m

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:32

Trust: 1.0

vendor:aristamodel:eosscope:gteversion:4.24

Trust: 1.0

vendor:aristamodel:eosscope:ltversion:4.21.14m

Trust: 1.0

vendor:aristamodel:eosscope:gteversion:4.25

Trust: 1.0

vendor:thekelleysmodel:dnsmasqscope:ltversion:2.83

Trust: 1.0

vendor:dnsmasqmodel:dnsmasqscope:ltversion:2.83

Trust: 0.6

sources: CNVD: CNVD-2021-16430 // NVD: CVE-2020-25685

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-25685
value: LOW

Trust: 1.0

CNVD: CNVD-2021-16430
value: MEDIUM

Trust: 0.6

VULMON: CVE-2020-25685
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-25685
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

CNVD: CNVD-2021-16430
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2020-25685
baseSeverity: LOW
baseScore: 3.7
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.2
impactScore: 1.4
version: 3.1

Trust: 1.0

sources: CNVD: CNVD-2021-16430 // VULMON: CVE-2020-25685 // NVD: CVE-2020-25685

PROBLEMTYPE DATA

problemtype:CWE-326

Trust: 1.0

sources: NVD: CVE-2020-25685

THREAT TYPE

remote

Trust: 0.3

sources: PACKETSTORM: 161535 // PACKETSTORM: 161010 // PACKETSTORM: 161085

TYPE

arbitrary

Trust: 0.4

sources: PACKETSTORM: 169002 // PACKETSTORM: 161535 // PACKETSTORM: 161010 // PACKETSTORM: 161085

PATCH

title:Patch for Dnsmasq security feature issue vulnerability (CNVD-2021-16430)url:https://www.cnvd.org.cn/patchInfo/show/251936

Trust: 0.6

title:Red Hat: Moderate: dnsmasq security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210156 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: dnsmasq security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210240 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: dnsmasq security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210245 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: dnsmasq security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210153 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: dnsmasq security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210154 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: dnsmasq security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210155 - Security Advisory

Trust: 0.1

title:Red Hat: Important: Red Hat Virtualization Host security bug fix and enhancement update [ovirt-4.4.4]url:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210401 - Security Advisory

Trust: 0.1

title:Red Hat: Important: RHV-H security, bug fix, enhancement update (redhat-virtualization-host) 4.3.13url:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210395 - Security Advisory

Trust: 0.1

title:Red Hat: Important: dnsmasq security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210151 - Security Advisory

Trust: 0.1

title:Red Hat: Important: dnsmasq security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210150 - Security Advisory

Trust: 0.1

title:Red Hat: Important: dnsmasq security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210152 - Security Advisory

Trust: 0.1

title:Arch Linux Issues: url:https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2020-25685 log

Trust: 0.1

title:Amazon Linux 2: ALAS2-2021-1587url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2021-1587

Trust: 0.1

title:Debian Security Advisories: DSA-4844-1 dnsmasq -- security updateurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=6bdd82a7af8c0333eca753b3b7b02111

Trust: 0.1

title:Red Hat: Important: OpenShift Container Platform 4.4.33 bug fix and security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210281 - Security Advisory

Trust: 0.1

title:Cisco: Multiple Vulnerabilities in dnsmasq DNS Forwarder Affecting Cisco Products: January 2021url:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-dnsmasq-dns-2021-c5mrdf3g

Trust: 0.1

title:dnspooqurl:https://github.com/knqyf263/dnspooq

Trust: 0.1

title:multironic Requirements: Install libvirt and prepare nodes have to check why we need this TODO download ironic images later Pull images Tag images Push images run httpd Check that two vbmcs are running for the two nodes Play with vbmc and ipmitools Run management cluster Firewall Launch ironic run capm3 Firewall Refurl:https://github.com/mboukhalfa/multironic

Trust: 0.1

title:Criminal IP NSE Scripturl:https://github.com/criminalip/CIP-NSE-Script

Trust: 0.1

title:Intro: What's pique or repique Overviewurl:https://github.com/AZ-X/pique

Trust: 0.1

title:https://github.com/klcheung99/CSCM28CW2url:https://github.com/klcheung99/CSCM28CW2

Trust: 0.1

title:Kaosagnt's Ansible Everyday Utilsurl:https://github.com/kaosagnt/ansible-everyday

Trust: 0.1

title:F5の脆弱性情報url:https://github.com/DNTYO/F5_Vulnerability

Trust: 0.1

title:Vulnerabilityurl:https://github.com/tzwlhack/Vulnerability

Trust: 0.1

title:TOP Table of Contents Donationurl:https://github.com/JERRY123S/all-poc

Trust: 0.1

title:SecBooks SecBooks目录url:https://github.com/SexyBeast233/SecBooks

Trust: 0.1

title:Table of Contentsurl:https://github.com/CVEDB/top

Trust: 0.1

title:Table of Contentsurl:https://github.com/CVEDB/awesome-cve-repo

Trust: 0.1

title:TOP Table of Contents Donationurl:https://github.com/hktalent/TOP

Trust: 0.1

title:TOP Table of Contents Donationurl:https://github.com/cyberanand1337x/bug-bounty-2022

Trust: 0.1

title:TOP Table of Contents Donationurl:https://github.com/weeka10/-hktalent-TOP

Trust: 0.1

title:The Registerurl:https://www.theregister.co.uk/2021/01/20/dns_cache_poisoning/

Trust: 0.1

sources: CNVD: CNVD-2021-16430 // VULMON: CVE-2020-25685

EXTERNAL IDS

db:NVDid:CVE-2020-25685

Trust: 2.6

db:CNVDid:CNVD-2021-16430

Trust: 0.6

db:VULMONid:CVE-2020-25685

Trust: 0.1

db:PACKETSTORMid:169002

Trust: 0.1

db:PACKETSTORMid:161535

Trust: 0.1

db:PACKETSTORMid:161742

Trust: 0.1

db:PACKETSTORMid:161019

Trust: 0.1

db:PACKETSTORMid:161013

Trust: 0.1

db:PACKETSTORMid:161010

Trust: 0.1

db:PACKETSTORMid:161015

Trust: 0.1

db:PACKETSTORMid:161085

Trust: 0.1

db:PACKETSTORMid:161101

Trust: 0.1

sources: CNVD: CNVD-2021-16430 // VULMON: CVE-2020-25685 // PACKETSTORM: 169002 // PACKETSTORM: 161535 // PACKETSTORM: 161742 // PACKETSTORM: 161019 // PACKETSTORM: 161013 // PACKETSTORM: 161010 // PACKETSTORM: 161015 // PACKETSTORM: 161085 // PACKETSTORM: 161101 // NVD: CVE-2020-25685

REFERENCES

url:https://www.jsof-tech.com/disclosures/dnspooq/

Trust: 1.7

url:https://security.gentoo.org/glsa/202101-17

Trust: 1.2

url:https://bugzilla.redhat.com/show_bug.cgi?id=1889688

Trust: 1.1

url:https://www.debian.org/security/2021/dsa-4844

Trust: 1.1

url:https://www.arista.com/en/support/advisories-notices/security-advisories/12135-security-advisory-61

Trust: 1.1

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/wyw3ir6apuskoykl5ft3actihwhgqy32/

Trust: 1.1

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/qgb7hl3owhtlepsmldgomxqkg3km2qme/

Trust: 1.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-25684

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2020-25686

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2020-25685

Trust: 0.8

url:https://access.redhat.com/security/cve/cve-2020-25684

Trust: 0.5

url:https://access.redhat.com/articles/11258

Trust: 0.5

url:https://bugzilla.redhat.com/):

Trust: 0.5

url:https://access.redhat.com/security/team/contact/

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-25685

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-25686

Trust: 0.5

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.4

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.4

url:https://access.redhat.com/security/vulnerabilities/rhsb-2021-001

Trust: 0.4

url:https://access.redhat.com/security/team/key/

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2020-25687

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-25683

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-25681

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-25682

Trust: 0.3

url:https://access.redhat.com/errata/rhsa-2021:0156

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-14834

Trust: 0.2

url:https://usn.ubuntu.com/4698-1

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-25683

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-25682

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-25687

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-25681

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/326.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://github.com/knqyf263/dnspooq

Trust: 0.1

url:https://security.archlinux.org/cve-2020-25685

Trust: 0.1

url:https://www.debian.org/security/faq

Trust: 0.1

url:https://security-tracker.debian.org/tracker/dnsmasq

Trust: 0.1

url:https://www.debian.org/security/

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/dnsmasq/2.80-1.1ubuntu1.3

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/dnsmasq/2.79-1ubuntu0.3

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/dnsmasq/2.75-1ubuntu0.16.04.8

Trust: 0.1

url:https://usn.ubuntu.com/4698-2

Trust: 0.1

url:https://launchpad.net/bugs/1916462

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/dnsmasq/2.82-1ubuntu1.2

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-20907

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-8624

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-16300

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-14466

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-10105

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-13050

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9925

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-15166

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9802

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-25705

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-20218

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-26160

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-16230

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9895

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8625

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-6829

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-12403

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-20388

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-15165

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14382

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3156

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8812

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3899

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-16845

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-14467

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8819

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-10103

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-14469

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-11068

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3867

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-1971

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-16229

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8720

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9893

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-19221

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8808

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3902

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-14465

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-14882

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-8623

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-16227

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-18197

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-1751

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3900

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-14461

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20206

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-14881

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9805

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-14464

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8820

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9807

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8769

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8710

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8813

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9850

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-14463

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-7595

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8811

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-16228

Trust: 0.1

url:https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-14879

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-29652

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14351

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-16168

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9803

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9862

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-24659

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-14469

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9327

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-10105

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-14880

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3885

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-17450

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-15503

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-16935

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-12321

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-20916

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-14461

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-5018

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-19956

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-10018

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14422

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-14468

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8835

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8764

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-14466

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8844

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3865

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-14882

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-1730

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-15586

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3864

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-16227

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-14464

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-16452

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-19906

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-16230

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-20387

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14391

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-15999

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-14468

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-14467

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-14559

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-14462

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-29661

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3862

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-14880

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-14881

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3901

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-16300

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8823

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-14462

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-1752

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-16229

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-12400

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-8622

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-28362

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-15903

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3895

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-8492

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-11793

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-20454

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-20843

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9894

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8816

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9843

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-13627

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-6405

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8771

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-16451

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-13050

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3897

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-10103

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-16228

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9806

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:0799

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-14463

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8814

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-14889

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-20843

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8743

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3121

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9915

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8815

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-13632

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-10029

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-16451

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8783

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-20807

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-13630

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14040

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-14879

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-14470

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-14470

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-8619

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9283

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-27813

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-14465

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-11068

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-13631

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8766

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-16452

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8846

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3868

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3894

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8782

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:0154

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:0152

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/dnsmasq/2.75-1ubuntu0.16.04.7

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/dnsmasq/2.79-1ubuntu0.2

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/dnsmasq/2.82-1ubuntu1.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/dnsmasq/2.80-1.1ubuntu1.2

Trust: 0.1

url:https://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:https://security.gentoo.org/

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:0245

Trust: 0.1

sources: CNVD: CNVD-2021-16430 // VULMON: CVE-2020-25685 // PACKETSTORM: 169002 // PACKETSTORM: 161535 // PACKETSTORM: 161742 // PACKETSTORM: 161019 // PACKETSTORM: 161013 // PACKETSTORM: 161010 // PACKETSTORM: 161015 // PACKETSTORM: 161085 // PACKETSTORM: 161101 // NVD: CVE-2020-25685

CREDITS

Red Hat

Trust: 0.5

sources: PACKETSTORM: 161742 // PACKETSTORM: 161019 // PACKETSTORM: 161013 // PACKETSTORM: 161015 // PACKETSTORM: 161101

SOURCES

db:CNVDid:CNVD-2021-16430
db:VULMONid:CVE-2020-25685
db:PACKETSTORMid:169002
db:PACKETSTORMid:161535
db:PACKETSTORMid:161742
db:PACKETSTORMid:161019
db:PACKETSTORMid:161013
db:PACKETSTORMid:161010
db:PACKETSTORMid:161015
db:PACKETSTORMid:161085
db:PACKETSTORMid:161101
db:NVDid:CVE-2020-25685

LAST UPDATE DATE

2024-12-21T20:19:05.045000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2021-16430date:2021-07-15T00:00:00
db:VULMONid:CVE-2020-25685date:2023-11-07T00:00:00
db:NVDid:CVE-2020-25685date:2024-11-21T05:18:27.807

SOURCES RELEASE DATE

db:CNVDid:CNVD-2021-16430date:2021-03-11T00:00:00
db:VULMONid:CVE-2020-25685date:2021-01-20T00:00:00
db:PACKETSTORMid:169002date:2021-02-28T20:12:00
db:PACKETSTORMid:161535date:2021-02-25T15:26:41
db:PACKETSTORMid:161742date:2021-03-10T16:02:43
db:PACKETSTORMid:161019date:2021-01-19T14:46:12
db:PACKETSTORMid:161013date:2021-01-19T14:45:21
db:PACKETSTORMid:161010date:2021-01-19T14:43:50
db:PACKETSTORMid:161015date:2021-01-19T14:45:36
db:PACKETSTORMid:161085date:2021-01-25T14:38:26
db:PACKETSTORMid:161101date:2021-01-25T17:28:57
db:NVDid:CVE-2020-25685date:2021-01-20T16:15:14.303