Ubuntu Security Notice USN-6034-1 ≈ Packet Storm

Home^[1] Files^[2] News^[3] &[SERVICES_TAB] Contact^[4] Add New^[5]

Change Mirror^[15] Download^[16]

        ==========================================================================
Ubuntu Security Notice USN-6034-1
April 20, 2023
dnsmasq vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Summary:
Dnsmasq could cause transmission reliability issues when
sending large DNS messages.
Software Description:
- dnsmasq: Small caching DNS proxy and DHCP/TFTP server
Details:
It was discovered that Dnsmasq was sending large DNS messages
over UDP, possibly causing transmission failures due to IP
fragmentation. This update lowers the default maximum size of
DNS messages to improve transmission reliability over UDP.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 22.10:
dnsmasq-base                    2.86-1.1ubuntu2.1
Ubuntu 22.04 LTS:
dnsmasq-base                    2.86-1.1ubuntu0.3
Ubuntu 20.04 LTS:
dnsmasq-base                    2.80-1.1ubuntu1.7
Ubuntu 18.04 LTS:
dnsmasq-base                    2.79-1ubuntu0.7
Ubuntu 16.04 ESM:
dnsmasq-base                    2.79-1ubuntu0.16.04.1+esm2
Ubuntu 14.04 ESM:
dnsmasq-base                    2.68-1ubuntu0.2+esm2
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-6034-1
CVE-2023-28450
Package Information:
https://launchpad.net/ubuntu/+source/dnsmasq/2.86-1.1ubuntu2.1
https://launchpad.net/ubuntu/+source/dnsmasq/2.86-1.1ubuntu0.3
https://launchpad.net/ubuntu/+source/dnsmasq/2.80-1.1ubuntu1.7
https://launchpad.net/ubuntu/+source/dnsmasq/2.79-1ubuntu0.7

• Follow us on Twitter^[19]
• Follow us on Facebook^[20]
• Subscribe to an RSS Feed^[21]

File Tags

• ActiveX^[22] (932)
• Advisory^[23] (80,774)
• Arbitrary^[24] (15,967)
• BBS^[25] (2,859)
• Bypass^[26] (1,660)
• CGI^[27] (1,024)
• Code Execution^[28] (7,091)
• Conference^[29] (677)
• Cracker^[30] (840)
• CSRF^[31] (3,310)
• DoS^[32] (23,000)
• Encryption^[33] (2,359)
• Exploit^[34] (50,917)
• File Inclusion^[35] (4,189)
• File Upload^[36] (951)
• Firewall^[37] (821)
• Info Disclosure^[38] (2,700)
• Intrusion Detection^[39] (879)
• Java^[40] (2,967)
• JavaScript^[41] (834)
• Kernel^[42] (6,499)
• Local^[43] (14,338)
• Magazine^[44] (586)
• Overflow^[45] (12,557)
• Perl^[46] (1,419)
• PHP^[47] (5,113)
• Proof of Concept^[48] (2,299)
• Protocol^[49] (3,515)
• Python^[50] (1,488)
• Remote^[51] (30,382)
• Root^[52] (3,543)
• Rootkit^[53] (504)
• Ruby^[54] (604)
• Scanner^[55] (1,633)
• Security Tool^[56] (7,834)
• Shell^[57] (3,145)
• Shellcode^[58] (1,210)
• Sniffer^[59] (892)
• Spoof^[60] (2,187)
• SQL Injection^[61] (16,190)
• TCP^[62] (2,389)
• Trojan^[63] (687)
• UDP^[64] (882)
• Virus^[65] (663)
• Vulnerability^[66] (31,442)
• Web^[67] (9,496)
• Whitepaper^[68] (3,740)
• x86^[69] (948)
• XSS^[70] (17,617)
• Other^[71]

File Archives

• April 2023^[72]
• March 2023^[73]
• February 2023^[74]
• January 2023^[75]
• December 2022^[76]
• November 2022^[77]
• October 2022^[78]
• September 2022^[79]
• August 2022^[80]
• July 2022^[81]
• June 2022^[82]
• May 2022^[83]
• Older^[84]

Systems

• AIX^[85] (426)
• Apple^[86] (1,966)
• BSD^[87] (372)
• CentOS^[88] (57)
• Cisco^[89] (1,920)
• Debian^[90] (6,725)
• Fedora^[91] (1,691)
• FreeBSD^[92] (1,244)
• Gentoo^[93] (4,288)
• HPUX^[94] (878)
• iOS^[95] (342)
• iPhone^[96] (108)
• IRIX^[97] (220)
• Juniper^[98] (67)
• Linux^[99] (45,302)
• Mac OS X^[100] (684)
• Mandriva^[101] (3,105)
• NetBSD^[102] (256)
• OpenBSD^[103] (482)
• RedHat^[104] (13,017)
• Slackware^[105] (941)
• Solaris^[106] (1,609)
• SUSE^[107] (1,444)
• Ubuntu^[108] (8,509)
• UNIX^[109] (9,219)
• UnixWare^[110] (185)
• Windows^[111] (6,539)
• Other^[112]

© 2022 Packet Storm. All rights reserved.

Read more https://packetstormsecurity.com/files/171958/USN-6034-1.txt