Ubuntu
dnsmasq package

dnsmasq crashes querying any CNAME that points to localhost.localdomain

Bug #1581181 reported by emk2203
262
This bug affects 2 people
Affects Status Importance Assigned to Milestone
dnsmasq (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

Further info can be found on the mailing list of dnsmasq: http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010479.html

The bug is fixed upstream in git, according to the dnsmasq author Simon Kelley.

In a real-world scenario, a pi hole system https://pi-hole.net with Ubuntu 16.04 (ARM SBC acting as ad filter for a network) crashes after 5 - 10 minutes of usage because of this bug. This makes a setup with this dnsmasq version 2.75 unusable.

According to the bug report on the mailing list http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010505.html, it is also a security violation and therefore tagged as such.

Noticed by me in Ubuntu 16.04 LTS on ARM system, but applies to all dnsmasq 2.75 versions.

CVE References

Revision history for this message
Marc Deslauriers (mdeslaur) wrote :

Requested CVE:

http://www.openwall.com/lists/oss-security/2016/06/03/7

information type: Private Security → Public Security
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in dnsmasq (Ubuntu):
status: New → Confirmed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package dnsmasq - 2.75-1ubuntu0.15.10.1

---------------
dnsmasq (2.75-1ubuntu0.15.10.1) wily-security; urgency=medium

  * SECURITY UPDATE: denial of service via crafted CNAME (LP: #1581181)
    - src/cache.c: fix crash when empty address from DNS overlays A record
      from hosts.
    - 41a8d9e99be9f2cc8b02051dd322cb45e0faac87
    - CVE-2015-8899

 -- Marc Deslauriers <email address hidden> Tue, 14 Jun 2016 15:05:23 +0300

Changed in dnsmasq (Ubuntu):
status: Confirmed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package dnsmasq - 2.75-1ubuntu0.16.04.1

---------------
dnsmasq (2.75-1ubuntu0.16.04.1) xenial-security; urgency=medium

  * SECURITY UPDATE: denial of service via crafted CNAME (LP: #1581181)
    - src/cache.c: fix crash when empty address from DNS overlays A record
      from hosts.
    - 41a8d9e99be9f2cc8b02051dd322cb45e0faac87
    - CVE-2015-8899

 -- Marc Deslauriers <email address hidden> Tue, 14 Jun 2016 15:05:23 +0300

Changed in dnsmasq (Ubuntu):
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.