[Dnsmasq-discuss] 2.80 dnspooq v3 problem

Simon Kelley simon at thekelleys.org.uk
Thu Apr 1 22:59:00 UTC 2021



On 31/03/2021 08:50, Petr Menšík wrote:
> Hi Sunil,
> 
> This is exactly the same issue I reported on thread [1]. Unfortunately
> it haven't got merged separately, but it should be patched by
> CVE-2021-3448 fix [2]. It happens only when you have rp_filter set to 1.
> The root cause of this is the lookup_frec part change in commit
> 8f9bd615053cd [3], including the part added previously by commit [2].
> 
> Yes, these are uncovered bugs not found when testing dnspooq patches.
> The root of the issue was there also before, but it stopped working only
> after dnspooq patches. They are related.
> 

Thanks Petr, Given the above.

1) This is not fixed in the 2.80 dnspooq v3  patches.
2) It is fixed in the forthcoming 2.85  release.

Simon.




More information about the Dnsmasq-discuss mailing list