[Bug 1782225] Re: Cache poisoning vulnerability on the OS level DNS cache in Ubuntu
Marc Deslauriers
marc.deslauriers at canonical.com
Tue Sep 17 09:40:41 UTC 2019
** Information type changed from Private Security to Public Security
** Changed in: dnsmasq (Ubuntu)
Status: New => Confirmed
** Changed in: systemd (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1782225
Title:
Cache poisoning vulnerability on the OS level DNS cache in Ubuntu
Status in dnsmasq package in Ubuntu:
Confirmed
Status in systemd package in Ubuntu:
Confirmed
Bug description:
We would like to report a cache poisoning vulnerability on the OS
level DNS cache in Ubuntu. This vulnerability allows an off-path
attacker to impersonate the DNS resolver and poisons the OS-wide DNS
cache directly or through a port-preserving NAT. We have a paper
describing the problem, please see the attachment.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1782225/+subscriptions
More information about the foundations-bugs
mailing list