ALAS-2013-161

Amazon Linux 1 Security Advisory: ALAS-2013-161
Advisory Release Date: 2013-03-02 16:49 Pacific
Advisory Updated Date: 2014-09-15 22:34 Pacific

Severity: Medium

References: CVE-2012-3411 RHSA-2013-0277
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

It was discovered that dnsmasq, when used in combination with certain libvirtd configurations, could incorrectly process network packets from network interfaces that were intended to be prohibited. A remote, unauthenticated attacker could exploit this flaw to cause a denial of service via DNS amplification attacks. (CVE-2012-3411)

Affected Packages:

dnsmasq

Issue Correction:
Run yum update dnsmasq to update your system.

New Packages:

i686:
    dnsmasq-2.48-13.9.amzn1.i686
    dnsmasq-debuginfo-2.48-13.9.amzn1.i686
    dnsmasq-utils-2.48-13.9.amzn1.i686

src:
    dnsmasq-2.48-13.9.amzn1.src

x86_64:
    dnsmasq-2.48-13.9.amzn1.x86_64
    dnsmasq-utils-2.48-13.9.amzn1.x86_64
    dnsmasq-debuginfo-2.48-13.9.amzn1.x86_64

Additional References

Red Hat: CVE-2012-3411

Mitre: CVE-2012-3411