Vulnerability Description
An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020.
CVSS Score
7.5
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Thekelleys | Dnsmasq | < 2.90 |
References
- https://capec.mitre.org/data/definitions/495.htmlNot Applicable
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://thekelleys.org.uk/dnsmasq/doc.htmlProduct
- https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=blob%3Bf=CHANGELOG
- https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=eb92fb32b746f2104
- https://capec.mitre.org/data/definitions/495.htmlNot Applicable
- https://lists.debian.org/debian-lts-announce/2024/11/msg00035.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://thekelleys.org.uk/dnsmasq/doc.htmlProduct
- https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=blob%3Bf=CHANGELOG
- https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=eb92fb32b746f2104
FAQ
What is CVE-2023-28450?
CVE-2023-28450 is a vulnerability with a CVSS score of 7.5 (HIGH). An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020.
How severe is CVE-2023-28450?
CVE-2023-28450 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-28450?
Check the references section above for vendor advisories and patch information. Affected products include: Thekelleys Dnsmasq.