Amazon Linux 1 Security Advisory: ALAS-2013-161
Advisory Release Date: 2013-03-02 16:49 Pacific
Advisory Updated Date: 2014-09-15 22:34 Pacific
It was discovered that dnsmasq, when used in combination with certain libvirtd configurations, could incorrectly process network packets from network interfaces that were intended to be prohibited. A remote, unauthenticated attacker could exploit this flaw to cause a denial of service via DNS amplification attacks. (CVE-2012-3411)
Affected Packages:
dnsmasq
Issue Correction:
Run yum update dnsmasq to update your system.
i686:
dnsmasq-2.48-13.9.amzn1.i686
dnsmasq-debuginfo-2.48-13.9.amzn1.i686
dnsmasq-utils-2.48-13.9.amzn1.i686
src:
dnsmasq-2.48-13.9.amzn1.src
x86_64:
dnsmasq-2.48-13.9.amzn1.x86_64
dnsmasq-utils-2.48-13.9.amzn1.x86_64
dnsmasq-debuginfo-2.48-13.9.amzn1.x86_64