Dnsmasq: Multiple vulnerabilities Multiple vulnerabilities have been found in Dnsmasq, the worst of which may allow remote attackers to execute arbitrary code. dnsmasq 2021-01-22 2021-01-22 766126 local, remote 2.83 2.83

Dnsmasq is a lightweight and easily-configurable DNS forwarder and DHCP server.

Multiple vulnerabilities have been discovered in Dnsmasq. Please review the references below for details.

An attacker, by sending specially crafted DNS replies, could possibly execute arbitrary code with the privileges of the process, perform a cache poisoning attack or cause a Denial of Service condition.

There is no known workaround at this time.

All Dnsmasq users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/dnsmasq-2.83" CVE-2020-25681 CVE-2020-25682 CVE-2020-25683 CVE-2020-25684 CVE-2020-25685 CVE-2020-25686 CVE-2020-25687 whissi whissi