CVE-2023-28450

An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
mitreCNA
---
---
CVEADP
---
---
CISA-ADPADP
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
VendorProductVersion
thekelleysdnsmasq
𝑥
< 2.90
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
dnsmasq
bullseye
vulnerable
bookworm
no-dsa
buster
no-dsa
bullseye (security)
2.85-1+deb11u1
fixed
trixie
2.90-7
fixed
sid
2.90-7
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
dnsmasq
noble
Fixed 2.90-1
released
mantic
Fixed 2.90-0ubuntu0.23.10.1
released
lunar
ignored
kinetic
Fixed 2.86-1.1ubuntu2.1
released
jammy
Fixed 2.86-1.1ubuntu0.3
released
focal
Fixed 2.80-1.1ubuntu1.7
released
bionic
Fixed 2.79-1ubuntu0.7
released
xenial
Fixed 2.79-1ubuntu0.16.04.1+esm2
released
trusty
Fixed 2.68-1ubuntu0.2+esm2
released
References
https://capec.mitre.org/data/definitions/495.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6UQ6LKDTLSSD64TBIZ3XEKBM2SWC63VV/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OU2ZT4ITSEOOR2CFBAHK4Z67KXJIEWQA/
https://thekelleys.org.uk/dnsmasq/doc.html
https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=blob%3Bf=CHANGELOG
https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5
https://capec.mitre.org/data/definitions/495.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6UQ6LKDTLSSD64TBIZ3XEKBM2SWC63VV/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OU2ZT4ITSEOOR2CFBAHK4Z67KXJIEWQA/
https://thekelleys.org.uk/dnsmasq/doc.html
https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=blob%3Bf=CHANGELOG
https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5