Headline
RHSA-2022:8070: Red Hat Security Advisory: dnsmasq security and bug fix update
An update for dnsmasq is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-0934: dnsmasq: Heap use after free in dhcp6_no_relay
Skip to navigation Skip to main content
Utilities
- Subscriptions
- Downloads
- Containers
- Support Cases
Infrastructure and Management
- Red Hat Enterprise Linux
- Red Hat Virtualization
- Red Hat Identity Management
- Red Hat Directory Server
- Red Hat Certificate System
- Red Hat Satellite
- Red Hat Subscription Management
- Red Hat Update Infrastructure
- Red Hat Insights
- Red Hat Ansible Automation Platform
Cloud Computing
- Red Hat OpenShift
- Red Hat CloudForms
- Red Hat OpenStack Platform
- Red Hat OpenShift Container Platform
- Red Hat OpenShift Data Science
- Red Hat OpenShift Online
- Red Hat OpenShift Dedicated
- Red Hat Advanced Cluster Security for Kubernetes
- Red Hat Advanced Cluster Management for Kubernetes
- Red Hat Quay
- Red Hat CodeReady Workspaces
- Red Hat OpenShift Service on AWS
Storage
- Red Hat Gluster Storage
- Red Hat Hyperconverged Infrastructure
- Red Hat Ceph Storage
- Red Hat OpenShift Data Foundation
Runtimes
- Red Hat Runtimes
- Red Hat JBoss Enterprise Application Platform
- Red Hat Data Grid
- Red Hat JBoss Web Server
- Red Hat Single Sign On
- Red Hat support for Spring Boot
- Red Hat build of Node.js
- Red Hat build of Thorntail
- Red Hat build of Eclipse Vert.x
- Red Hat build of OpenJDK
- Red Hat build of Quarkus
Integration and Automation
- Red Hat Process Automation
- Red Hat Process Automation Manager
- Red Hat Decision Manager
All Products
Issued:
2022-11-15
Updated:
2022-11-15
RHSA-2022:8070 - Security Advisory
- Overview
- Updated Packages
Synopsis
Moderate: dnsmasq security and bug fix update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for dnsmasq is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.
Security Fix(es):
- dnsmasq: Heap use after free in dhcp6_no_relay (CVE-2022-0934)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section.
Affected Products
- Red Hat Enterprise Linux for x86_64 9 x86_64
- Red Hat Enterprise Linux for IBM z Systems 9 s390x
- Red Hat Enterprise Linux for Power, little endian 9 ppc64le
- Red Hat Enterprise Linux for ARM 64 9 aarch64
Fixes
- BZ - 2057075 - CVE-2022-0934 dnsmasq: Heap use after free in dhcp6_no_relay
- BZ - 2120711 - dnsmasq high CPU usage in 4.11 spoke deployment or after 4.10.21 to 4.11.0-rc.1 upgrade on an SNO node [rhel9]
References
- https://access.redhat.com/security/updates/classification/#moderate
- https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index
Red Hat Enterprise Linux for x86_64 9
SRPM
dnsmasq-2.85-5.el9.src.rpm
SHA-256: ed3fced038cdc6577d71263bd0864f5f4979dc3b45ec04f563004d9c98056902
x86_64
dnsmasq-2.85-5.el9.x86_64.rpm
SHA-256: ae1f2fd0fd1eb95278644bcd58ec0b1d627cc07abfcb5d275702df90d00971bc
dnsmasq-debuginfo-2.85-5.el9.x86_64.rpm
SHA-256: 7063c1a6e3048983da74d083f60563cdc9e9d71e45ee4704b1214f27a235defe
dnsmasq-debugsource-2.85-5.el9.x86_64.rpm
SHA-256: 29daf9ef7b632e45f95215af857db41b93aa233f50b78e3564d1508684135be6
dnsmasq-utils-2.85-5.el9.x86_64.rpm
SHA-256: b91f9c2d45082204b04d08929dc2a165dc46cafc2a6d25836d0005daa9e49d4d
dnsmasq-utils-debuginfo-2.85-5.el9.x86_64.rpm
SHA-256: c900b1a4077513fe2826b3c19d4020b3ea4c978411ab54e27c61327a80c93c76
Red Hat Enterprise Linux for IBM z Systems 9
SRPM
dnsmasq-2.85-5.el9.src.rpm
SHA-256: ed3fced038cdc6577d71263bd0864f5f4979dc3b45ec04f563004d9c98056902
s390x
dnsmasq-2.85-5.el9.s390x.rpm
SHA-256: a112a8da059098814e6064bd133b6289db350aa95aa1c4862e955e6d69e00761
dnsmasq-debuginfo-2.85-5.el9.s390x.rpm
SHA-256: 239738b99360281f656e319455186512da4a88f60fcadeb56f57acc0e79fdd9b
dnsmasq-debugsource-2.85-5.el9.s390x.rpm
SHA-256: cc346c82ba6c9773e604e1d77429fb801de95bbf409ede8891b5fefced205347
dnsmasq-utils-2.85-5.el9.s390x.rpm
SHA-256: 01be239e2c4454695a113c34fc47085f388cabb546fe3a9c58f2df3f45f947c0
dnsmasq-utils-debuginfo-2.85-5.el9.s390x.rpm
SHA-256: f44fba6d5789f9bfa7653359504fcfe57272eee6422fcffedc6a8d12d920d0b1
Red Hat Enterprise Linux for Power, little endian 9
SRPM
dnsmasq-2.85-5.el9.src.rpm
SHA-256: ed3fced038cdc6577d71263bd0864f5f4979dc3b45ec04f563004d9c98056902
ppc64le
dnsmasq-2.85-5.el9.ppc64le.rpm
SHA-256: 614036120aabd81bd852994d42efc237f914d0b16cf1e82b12c9d65c9e5efa3f
dnsmasq-debuginfo-2.85-5.el9.ppc64le.rpm
SHA-256: 1616693bc31a01b16ffd03b6501b4eb23fd69a17dd2652b526b9b060bf9ba9e9
dnsmasq-debugsource-2.85-5.el9.ppc64le.rpm
SHA-256: 6112ee6b276f261bc7e00c1d747ce24cfeca02e3589f254660a01929387484a5
dnsmasq-utils-2.85-5.el9.ppc64le.rpm
SHA-256: 6491350ad1e895f7e29ce2f8b8c88ec9036830276acc6dc40e8da21f0928c78b
dnsmasq-utils-debuginfo-2.85-5.el9.ppc64le.rpm
SHA-256: a4ce5416c7a78985109bf5624433a9da734553d13ffb8d38602c5e1f8451537d
Red Hat Enterprise Linux for ARM 64 9
SRPM
dnsmasq-2.85-5.el9.src.rpm
SHA-256: ed3fced038cdc6577d71263bd0864f5f4979dc3b45ec04f563004d9c98056902
aarch64
dnsmasq-2.85-5.el9.aarch64.rpm
SHA-256: 384bbb11940b011378cf3f1bca9ebf522ba7405f49d8378ced74e4af367ceb98
dnsmasq-debuginfo-2.85-5.el9.aarch64.rpm
SHA-256: 8f5f42af00783973480ace422a78a9e85069052c77cc195e50e112c50c0d17f5
dnsmasq-debugsource-2.85-5.el9.aarch64.rpm
SHA-256: 5324546191bb35455f2ff5daa9837925deae7444f5c35ebc663a14f5473163dc
dnsmasq-utils-2.85-5.el9.aarch64.rpm
SHA-256: aabbcaca8bbd7bc3be9423e7f7cf5a6f47e2826620da457561d8bd0b3174de94
dnsmasq-utils-debuginfo-2.85-5.el9.aarch64.rpm
SHA-256: 5b92c54f1b55beb69aaad0a8ced77cfda12500937d7ae1586201e11ce8404f99
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.
Related news
Red Hat Security Advisory 2024-1545-03 - An update for dnsmasq is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a use-after-free vulnerability.
Dell Unity 5.3 contain(s) an Arbitrary File Creation vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by crafting arbitrary files through a request to the server.
Red Hat Security Advisory 2023-0408-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. Issues addressed include denial of service and out of bounds read vulnerabilities.
Red Hat OpenShift Virtualization release 4.12 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-38561: golang: out-of-bounds read in golang.org/x/text/language leads to DoS * CVE-2021-44716: golang: net/http: limit growth of header canonicalization cache * CVE-2021-44717: golang: syscall: don't close fd 0 on ForkExec error * CVE-2022-1705: golang: net/http: improper sanitizat...
Vulnerability in the Oracle Demantra Demand Management product of Oracle Supply Chain (component: E-Business Collections). Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Demantra Demand Management. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Demantra Demand Management accessible data. CVSS 3.1 Base Score 7.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).
Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It’s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. […]
Red Hat Security Advisory 2022-8750-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. Issues addressed include denial of service and out of bounds read vulnerabilities.
Red Hat OpenShift Virtualization release 4.11.1 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-38561: golang: out-of-bounds read in golang.org/x/text/language leads to DoS * CVE-2022-24675: golang: encoding/pem: fix stack overflow in Decode * CVE-2022-24921: golang: regexp: stack exhaustion via a deeply nested expression * CVE-2022-28327: golang: crypto/elliptic: panic caus...
An update for dnsmasq is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0934: dnsmasq: Heap use after free in dhcp6_no_relay
A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq, potentially causing a denial of service.
Ubuntu Security Notice 5408-1 - Petr Menšík and Richard Johnson discovered that Dnsmasq incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or expose sensitive information.