OESA-2022-1821

See a problem?
Please try reporting it to the source first.
Source
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-1821
Import Source
https://repo.openeuler.org/security/data/osv/OESA-2022-1821.json
JSON Data
https://api.test.osv.dev/v1/vulns/OESA-2022-1821
Upstream
Published
2022-08-12T11:04:07Z
Modified
2025-08-12T05:05:15.046788Z
Summary
dnsmasq security update
Details

Dnsmasq provides network infrastructure for small networks: DNS, DHCP, router advertisement and network boot. It is designed to be lightweight and have a small footprint, suitable for resource constrained routers and firewalls. It has also been widely used for tethering on smartphones and portable hotspots, and to support virtual networking in virtualisation frameworks.

Security Fix(es):

A flaw was found in the default configuration of dnsmasq, as shipped with Fedora versions prior to 31 and in all versions Red Hat Enterprise Linux, where it listens on any interface and accepts queries from addresses outside of its local subnet. In particular, the option local-service is not enabled. Running dnsmasq in this manner may inadvertently make it an open resolver accessible from any address on the internet. This flaw allows an attacker to conduct a Distributed Denial of Service (DDoS) against other systems.(CVE-2020-14312)

Database specific 
{
    "severity": "Medium"
}
References

Affected packages

openEuler:20.03-LTS-SP1 / dnsmasq

Package

Name
dnsmasq
Purl
pkg:rpm/openEuler/dnsmasq&distro=openEuler-20.03-LTS-SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.82-10.oe1

Ecosystem specific 

{
    "aarch64": [
        "dnsmasq-help-2.82-10.oe1.aarch64.rpm",
        "dnsmasq-2.82-10.oe1.aarch64.rpm",
        "dnsmasq-debuginfo-2.82-10.oe1.aarch64.rpm",
        "dnsmasq-debugsource-2.82-10.oe1.aarch64.rpm"
    ],
    "src": [
        "dnsmasq-2.82-10.oe1.src.rpm"
    ],
    "x86_64": [
        "dnsmasq-debugsource-2.82-10.oe1.x86_64.rpm",
        "dnsmasq-help-2.82-10.oe1.x86_64.rpm",
        "dnsmasq-debuginfo-2.82-10.oe1.x86_64.rpm",
        "dnsmasq-2.82-10.oe1.x86_64.rpm"
    ]
}

openEuler:20.03-LTS-SP3 / dnsmasq

Package

Name
dnsmasq
Purl
pkg:rpm/openEuler/dnsmasq&distro=openEuler-20.03-LTS-SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.82-11.oe1

Ecosystem specific 

{
    "aarch64": [
        "dnsmasq-debugsource-2.82-11.oe1.aarch64.rpm",
        "dnsmasq-2.82-11.oe1.aarch64.rpm",
        "dnsmasq-help-2.82-11.oe1.aarch64.rpm",
        "dnsmasq-debuginfo-2.82-11.oe1.aarch64.rpm"
    ],
    "src": [
        "dnsmasq-2.82-11.oe1.src.rpm"
    ],
    "x86_64": [
        "dnsmasq-debugsource-2.82-11.oe1.x86_64.rpm",
        "dnsmasq-2.82-11.oe1.x86_64.rpm",
        "dnsmasq-debuginfo-2.82-11.oe1.x86_64.rpm",
        "dnsmasq-help-2.82-11.oe1.x86_64.rpm"
    ]
}