CVE-2020-25682

CVE	CVE-2020-25682
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2021-01-20 17:15:00 UTC
Updated	2023-11-07 03:20:00 UTC
Description	A flaw was found in dnsmasq before 2.83. A buffer overflow vulnerability was discovered in the way dnsmasq extract names from DNS packets before validating them with DNSSEC data. An attacker on the network, who can create valid DNS replies, could use this flaw to cause an overflow with arbitrary data in a heap-allocated memory, possibly executing code on the machine. The flaw is in the rfc1035.c:extract_name() function, which writes data to the memory pointed by name assuming MAXDNAME*2 bytes are available in the buffer. However, in some code execution paths, it is possible extract_name() gets passed an offset from the base buffer, thus reducing, in practice, the number of available bytes that can be written in the buffer. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Problem Types: CWE-122

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Debian	Debian Linux	10.0	All	All	All
Operating System	Debian	Debian Linux	9.0	All	All	All
Operating System	Debian	Debian Linux	10.0	All	All	All
Operating System	Fedoraproject	Fedora	32	All	All	All
Operating System	Fedoraproject	Fedora	33	All	All	All
Operating System	Fedoraproject	Fedora	32	All	All	All
Operating System	Fedoraproject	Fedora	33	All	All	All
Application	Thekelleys	Dnsmasq	All	All	All	All
Application	Thekelleys	Dnsmasq	All	All	All	All

Reference	Source	Link	Tags
[SECURITY] Fedora 33 Update: dnsmasq-2.83-1.fc33 - package-announce - Fedora Mailing-Lists	FEDORA	lists.fedoraproject.org	Mailing List, Third Party Advisory
1882014 – (CVE-2020-25682) CVE-2020-25682 dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled	MISC	bugzilla.redhat.com	Issue Tracking, Patch, Third Party Advisory
[SECURITY] [DLA 2604-1] dnsmasq security update	MLIST	lists.debian.org
[SECURITY] Fedora 32 Update: dnsmasq-2.84-1.fc32 - package-announce - Fedora Mailing-Lists	FEDORA	lists.fedoraproject.org	Mailing List, Third Party Advisory
[SECURITY] Fedora 33 Update: dnsmasq-2.83-1.fc33 - package-announce - Fedora Mailing-Lists		lists.fedoraproject.org
[SECURITY] Fedora 32 Update: dnsmasq-2.84-1.fc32 - package-announce - Fedora Mailing-Lists		lists.fedoraproject.org
Dnsmasq: Multiple vulnerabilities (GLSA 202101-17) — Gentoo security	GENTOO	security.gentoo.org	Third Party Advisory
DNSPOOQ - JSOF	MISC	www.jsof-tech.com	Third Party Advisory
Debian -- Security Information -- DSA-4844-1 dnsmasq	DEBIAN	www.debian.org	Third Party Advisory
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

161048 Oracle Enterprise Linux Security Update for dnsmasq (ELSA-2023-12972)
161049 Oracle Enterprise Linux Security Update for dnsmasq (ELSA-2023-12971)
178499 Debian Security Update for dnsmasq (DLA 2604-1)
296069 Oracle Solaris 11.4 Support Repository Update (SRU) 31.88.5 Missing (CPUJAN2021)
377140 Alibaba Cloud Linux Security Update for dnsmasq (ALINUX3-SA-2021:0009)
500150 Alpine Linux Security Update for dnsmasq
503800 Alpine Linux Security Update for dnsmasq
670173 EulerOS Security Update for dnsmasq (EulerOS-SA-2021-1673)
690442 Free Berkeley Software Distribution (FreeBSD) Security Update for dnsmasq (5b5cf6e5-5b51-11eb-95ac-7f9491278677)
750407 OpenSUSE Security Update for dnsmasq (openSUSE-SU-2021:0129-1)
750409 OpenSUSE Security Update for dnsmasq (openSUSE-SU-2021:0124-1)
900068 CBL-Mariner Linux Security Update for dnsmasq 2.79
902966 Common Base Linux Mariner (CBL-Mariner) Security Update for dnsmasq (3815)
940396 AlmaLinux Security Update for dnsmasq (ALSA-2021:0150)