Home > Vulnerability Database > CVE-2020-25681

Mend.io Vulnerability Database

CVE-2020-25681

Good to know:

Date: January 20, 2021

A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to cause a buffer overflow with arbitrary data in a heap memory segment, possibly executing code on the machine. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Language: C

Severity Score

8.1

Related Resources (19)

Url: https://security-tracker.debian.org/tracker/CVE-2020-25681

Url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WYW3IR6APUSKOYKL5FT3ACTIHWHGQY32/

Url: https://security.gentoo.org/glsa/202101-17

Url: https://security.archlinux.org/CVE-2020-25681

Url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QGB7HL3OWHTLEPSMLDGOMXQKG3KM2QME/

Url: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git

Url: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=4e96a4be685c9e4445f6ee79ad0b36b9119b502a;hp=a2a7e040b128a8ec369ba8f22beca2705435b85b

Url: https://bugzilla.redhat.com/show_bug.cgi?id=1881875

Url: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WYW3IR6APUSKOYKL5FT3ACTIHWHGQY32/

Url: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QGB7HL3OWHTLEPSMLDGOMXQKG3KM2QME/

Url: https://security.alpinelinux.org/vuln/CVE-2020-25681

Url: https://www.openwall.com/lists/oss-security/2021/01/19/1

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25681

Url: https://lists.debian.org/debian-lts-announce/2021/03/msg00027.html

Url: https://nvd.nist.gov/vuln/detail/CVE-2020-25681

Url: https://www.jsof-tech.com/disclosures/dnspooq/

Url: https://access.redhat.com/security/cve/CVE-2020-25681

Url: https://www.debian.org/security/2021/dsa-4844

Url: https://www.mend.io/vulnerability-database/CVE-2020-25681

Severity Score

8.1

Weakness Type (CWE)

Heap-based Buffer Overflow

CWE-122

Top Fix

Upgrade Version

Upgrade to version dnsmasq 2.83

Learn More

CVSS v3.1

Base Score:	8.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	8.3
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	COMPLETE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2020-25681

Good to know:

Date: January 20, 2021

Language: C

Severity Score

Related Resources (19)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

CVSS v2

Do you need more information?