USN-6034-1: Dnsmasq vulnerability
20 April 2023
Dnsmasq could cause transmission reliability issues when sending large DNS messages.
Releases
Packages
- dnsmasq - Small caching DNS proxy and DHCP/TFTP server
Details
It was discovered that Dnsmasq was sending large DNS messages
over UDP, possibly causing transmission failures due to IP
fragmentation. This update lowers the default maximum size of
DNS messages to improve transmission reliability over UDP.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 22.10
Ubuntu 22.04
Ubuntu 20.04
Ubuntu 18.04
Ubuntu 16.04
-
dnsmasq-base
-
2.79-1ubuntu0.16.04.1+esm2
Available with Ubuntu Pro
Ubuntu 14.04
-
dnsmasq-base
-
2.68-1ubuntu0.2+esm2
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
References
Related notices
- USN-6657-1: dnsmasq-base, dnsmasq, dnsmasq-utils, dnsmasq-base-lua
- USN-6657-2: dnsmasq-base, dnsmasq, dnsmasq-utils, dnsmasq-base-lua