Vulnerability DatabaseCVE-2020-25686
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
CVE-2020-25686
January 20, 2021
A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the "Birthday Attacks" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.
Related ResourcesĀ (19)
https://www.jsof-tech.com/disclosures/dnspooq/
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=6a6e06fbb0d4690507ceaf2bb6f0d8910f3d4914
https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25686
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=15b60ddf935a531269bb8c68198de012a4967156
https://www.debian.org/security/2021/dsa-4844
https://access.redhat.com/security/cve/CVE-2020-25686
https://www.kb.cert.org/vuls/id/434904
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=15b60ddf935a531269bb8c68198de012a4967156;hp=824461192ca5098043f9ca4ddeba7df1f65b30ba
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=6a6e06fbb0d4690507ceaf2bb6f0d8910f3d4914;hp=2024f9729713fd657d65e64c2e4e471baa0a3e5b
https://security-tracker.debian.org/tracker/CVE-2020-25686
https://security.gentoo.org/glsa/202101-17
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QGB7HL3OWHTLEPSMLDGOMXQKG3KM2QME/
https://security.alpinelinux.org/vuln/CVE-2020-25686
https://security.archlinux.org/CVE-2020-25686
https://www.arista.com/en/support/advisories-notices/security-advisories/12135-security-advisory-61
https://bugzilla.redhat.com/show_bug.cgi?id=1890125
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WYW3IR6APUSKOYKL5FT3ACTIHWHGQY32/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QGB7HL3OWHTLEPSMLDGOMXQKG3KM2QME/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WYW3IR6APUSKOYKL5FT3ACTIHWHGQY32/
Do you need more information?
Contact Us
CVSS v4
Base Score:
6.3
Attack Vector
NETWORK
Attack Complexity
HIGH
Attack Requirements
NONE
Privileges Required
NONE
User Interaction
NONE
Vulnerable System Confidentiality
NONE
Vulnerable System Integrity
LOW
Vulnerable System Availability
NONE
Subsequent System Confidentiality
NONE
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
3.7
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
LOW
Availability
NONE
CVSS v2
Base Score:
4.3
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
Weakness Type (CWE)
Improperly Implemented Security Check for Standard
CWE-358
Authentication Bypass by Spoofing
CWE-290
EPSS
Base Score:
0.46