Description
Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.From VID-5B72B1FF-877C-11EB-BD4F-2F1D57DAFE46: Simon Kelley reports: [In configurations where the forwarding server address contains an @ character for specifying a sending interface or source address, the] random source port behavior was disabled, making cache poisoning attacks possible. This only affects configurations of the form server=1.1.1.1@em0 or [email protected], i. e. those that specify an interface to send through, or an IP address to send from, or use together with NetworkManager.
Solution(s)
freebsd-upgrade-package-dnsmasqfreebsd-upgrade-package-dnsmasq-devel
ReferencesCVE-2021-3448