PublicDateAtUSN: 2021-01-19
Candidate: CVE-2020-25683
CRD: 2021-01-19
PublicDate: 2021-01-20 16:15:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683
 https://www.jsof-tech.com/disclosures/dnspooq/
 http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q1/014599.html
 https://ubuntu.com/security/notices/USN-4698-1
Description:
 A flaw was found in dnsmasq before version 2.83. A heap-based buffer
 overflow was discovered in dnsmasq when DNSSEC is enabled and before it
 validates the received DNS entries. A remote attacker, who can create valid
 DNS replies, could use this flaw to cause an overflow in a heap-allocated
 memory. This flaw is caused by the lack of length checks in
 rfc1035.c:extract_name(), which could be abused to make the code execute
 memcpy() with a negative size in get_rdata() and cause a crash in dnsmasq,
 resulting in a denial of service. The highest threat from this
 vulnerability is to system availability.
Ubuntu-Description: 
Notes: 
Mitigation: 
Bugs: 
Priority: medium
Discovered-by: Moshe Kol and Shlomi Oberman
Assigned-to: mdeslaur
CVSS:
 nvd: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H [5.9 MEDIUM]


Patches_dnsmasq:
upstream_dnsmasq: released (2.83)
precise/esm_dnsmasq: ignored (end of ESM support, was needs-triage)
trusty_dnsmasq: ignored (out of standard support)
trusty/esm_dnsmasq: needs-triage
xenial_dnsmasq: released (2.75-1ubuntu0.16.04.7)
esm-infra/xenial_dnsmasq: released (2.75-1ubuntu0.16.04.7)
bionic_dnsmasq: released (2.79-1ubuntu0.2)
focal_dnsmasq: released (2.80-1.1ubuntu1.2)
groovy_dnsmasq: released (2.82-1ubuntu1.1)
hirsute_dnsmasq: released (2.82-1ubuntu2)
impish_dnsmasq: released (2.82-1ubuntu2)
jammy_dnsmasq: released (2.82-1ubuntu2)
devel_dnsmasq: released (2.82-1ubuntu2)