8.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:P/I:P/A:C
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
0.159 Low
EPSS
Percentile
96.0%
A flaw was found in dnsmasq before version 2.83. A heap-based buffer
overflow was discovered in the way RRSets are sorted before validating with
DNSSEC data. An attacker on the network, who can forge DNS replies such as
that they are accepted as valid, could use this flaw to cause a buffer
overflow with arbitrary data in a heap memory segment, possibly executing
code on the machine. The highest threat from this vulnerability is to data
confidentiality and integrity as well as system availability.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | dnsmasq | < 2.79-1ubuntu0.2 | UNKNOWN |
ubuntu | 20.04 | noarch | dnsmasq | < 2.80-1.1ubuntu1.2 | UNKNOWN |
ubuntu | 20.10 | noarch | dnsmasq | < 2.82-1ubuntu1.1 | UNKNOWN |
ubuntu | 21.04 | noarch | dnsmasq | < 2.82-1ubuntu2 | UNKNOWN |
ubuntu | 21.10 | noarch | dnsmasq | < 2.82-1ubuntu2 | UNKNOWN |
ubuntu | 22.04 | noarch | dnsmasq | < 2.82-1ubuntu2 | UNKNOWN |
ubuntu | 22.10 | noarch | dnsmasq | < 2.82-1ubuntu2 | UNKNOWN |
ubuntu | 23.04 | noarch | dnsmasq | < 2.82-1ubuntu2 | UNKNOWN |
ubuntu | 23.10 | noarch | dnsmasq | < 2.82-1ubuntu2 | UNKNOWN |
ubuntu | 24.04 | noarch | dnsmasq | < 2.82-1ubuntu2 | UNKNOWN |
lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q1/014599.html
launchpad.net/bugs/cve/CVE-2020-25681
nvd.nist.gov/vuln/detail/CVE-2020-25681
security-tracker.debian.org/tracker/CVE-2020-25681
ubuntu.com/security/notices/USN-4698-1
www.cve.org/CVERecord?id=CVE-2020-25681
www.jsof-tech.com/disclosures/dnspooq/
8.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:P/I:P/A:C
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
0.159 Low
EPSS
Percentile
96.0%