Vulnerability Description
A flaw was found in the default configuration of dnsmasq, as shipped with Fedora versions prior to 31 and in all versions Red Hat Enterprise Linux, where it listens on any interface and accepts queries from addresses outside of its local subnet. In particular, the option `local-service` is not enabled. Running dnsmasq in this manner may inadvertently make it an open resolver accessible from any address on the internet. This flaw allows an attacker to conduct a Distributed Denial of Service (DDoS) against other systems.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fedoraproject | Fedora | < 31 |
Related Weaknesses (CWE)
References
- https://bugzilla.redhat.com/show_bug.cgi?id=1851342Issue TrackingThird Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1851342Issue TrackingThird Party Advisory
FAQ
What is CVE-2020-14312?
CVE-2020-14312 is a vulnerability with a CVSS score of 5.9 (MEDIUM). A flaw was found in the default configuration of dnsmasq, as shipped with Fedora versions prior to 31 and in all versions Red Hat Enterprise Linux, where it listens on any interface and accepts querie...
How severe is CVE-2020-14312?
CVE-2020-14312 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-14312?
Check the references section above for vendor advisories and patch information. Affected products include: Fedoraproject Fedora.