Dnsmasq: Denial of Service — GLSA 201406-24

A vulnerability in Dnsmasq can lead to a Denial of Service condition.

Affected packages

net-dns/dnsmasq on all architectures
Affected versions < 2.66
Unaffected versions >= 2.66

Background

Dnsmasq is a lightweight, easy to configure DNS forwarder and DHCP server.

Description

When used with certain libvirt configurations Dnsmasq replies to queries from prohibited interfaces.

Impact

A remote attackers can cause a Denial of Service via spoofed TCP based DNS queries.

Workaround

There is no known workaround at this time.

Resolution

All Dnsmasq users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=net-dns/dnsmasq-2.66"
 

References

Release date
June 25, 2014

Latest revision
June 25, 2014: 1

Severity
normal

Exploitable
remote

Bugzilla entries