CVE-2021-3448

Publication date 8 April 2021

Last updated 24 July 2024


Ubuntu priority

Cvss 3 Severity Score

4.0 · Medium

Score breakdown

A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ID to forge a reply and get it accepted by dnsmasq. This flaw makes a DNS Cache Poisoning attack much easier. The highest threat from this vulnerability is to data integrity.

Read the notes from the security team

Status

Package Ubuntu Release Status
dnsmasq 24.10 oracular
Fixed 2.85-1ubuntu1
24.04 LTS noble
Fixed 2.85-1ubuntu1
23.10 mantic
Fixed 2.85-1ubuntu1
23.04 lunar
Fixed 2.85-1ubuntu1
22.10 kinetic
Fixed 2.85-1ubuntu1
22.04 LTS jammy
Fixed 2.85-1ubuntu1
21.10 impish
Fixed 2.85-1ubuntu1
21.04 hirsute
Fixed 2.84-1ubuntu2.1
20.10 groovy
Fixed 2.82-1ubuntu1.3
20.04 LTS focal
Fixed 2.80-1.1ubuntu1.4
18.04 LTS bionic
Fixed 2.79-1ubuntu0.4
16.04 LTS xenial
14.04 LTS trusty Ignored end of ESM support, was needed

Get expanded security coverage with Ubuntu Pro

Reduce your average CVE exposure time from 98 days to 1 day with expanded CVE patching, ten-years security maintenance and optional support for the full stack of open-source applications. Free for personal use.

Get Ubuntu Pro

Notes


mdeslaur

This issue only affects dnsmasq in non-default configurations where the server=<address>@<interface> option is used. In those environments, this issue can be prevented by disabling cache by also using a cache-size=0 configuration option. For the dnsmasq instance used by Network-Manager, it is not vulnerable to this issue as Ubuntu disables caching by default. (See Update-dnsmasq-parameters.patch in the network-manager package)

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package Patch details
dnsmasq

Severity score breakdown

Parameter Value
Base score 4.0 · Medium
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Scope Changed
Confidentiality None
Integrity impact Low
Availability impact None
Vector CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

References

Related Ubuntu Security Notices (USN)

Other references