Seven vulnerabilities affecting Dnsmasq, a caching DNS and DHCP server used in a variety of networking devices and Linux distributions, could be leveraged to mount DNS cache poisoning attack and/or to compromise vulnerable devices.
“Some of the bigger users of Dnsmasq are Android/Google, Comcast, Cisco, Red Hat, Netgear, and Ubiquiti, but there are many more. All major Linux distributions offer Dnsmasq as a package, but some use it more than others, e.g., in OpenWRT it is used a lot, Red Hat use it as part of their virtualization platforms, Google uses it for Android hotspots (and maybe other things), while, for example Ubuntu just has it as an optional package,” Shlomi Oberman, CEO and researcher at JSOF, told Help Net Security.
