CVE-2009-2958 in dnsmasq

Summary

by MITRE

The tftp_request function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a TFTP read (aka RRQ) request with a malformed blksize option.


Analysis

by VulDB Data Team • 02/03/2025

The vulnerability identified as CVE-2009-2958 is a critical denial of service flaw in the dnsmasq network infrastructure software. It affects dnsmasq versions prior to 2.50 and is only reachable when the --enable-tftp command line option is active, which makes dnsmasq act as a Trivial File Transfer Protocol server. The flaw lies in the tftp_request function in the tftp.c source file, where insufficient input validation leads to a NULL pointer dereference that crashes the dnsmasq daemon process.

Technically, the vulnerability stems from inadequate validation of TFTP Read Request (RRQ) packets that carry a malformed blksize option. The blksize option lets a client negotiate the block size used for data transfers, but when the option is malformed or incompletely constructed, tftp_request does not handle the edge case and goes on to dereference a NULL pointer, crashing the daemon immediately. Because the flaw sits in the protocol implementation itself, it can be triggered by remote attackers without any authentication or privileged access.

From an operational perspective, this vulnerability presents a significant risk to network infrastructure stability and availability. Administrators who have enabled TFTP in their dnsmasq configuration expose the daemon to a crash that stops all TFTP service provided by that dnsmasq instance, potentially interrupting file transfers for network booting, firmware updates and other critical network operations. Since the request can be sent remotely, the denial of service can be triggered from outside the local network, which makes the vulnerability particularly concerning for enterprise environments where dnsmasq is a core network service component.

The vulnerability maps directly to CWE-476, NULL pointer dereference. It also aligns with ATT&CK technique T1499.004, which covers network denial of service attacks. The flaw reflects poor input validation in network protocol handling: incoming TFTP options are not sanitized and validated before they are processed. Organizations should mitigate immediately by upgrading to dnsmasq version 2.50 or later, which contains the patch that correctly handles malformed blksize options. Where an upgrade is not immediately possible, disable TFTP functionality if it is not required, or use network-level firewalls to block TFTP traffic to affected systems. The vulnerability underscores the importance of robust input validation in network services and the need for regular software updates to address security flaws in infrastructure components.
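As an added illustration of the parsing discipline the paragraph above calls for (example code written for this page, not dnsmasq's own tftp.c): a bounds-checked RRQ option parser that rejects a blksize option whose value is missing, non-numeric or outside the RFC 2348 range before the value pointer is ever dereferenced. The packet layout follows RFC 1350 with RFC 2347 options; the function names are assumptions.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h>

/* Added example (not dnsmasq's code): parse a TFTP read request (RRQ) and
 * extract a validated blksize option. Returns 1 when a valid blksize is
 * present, 0 when none is given, -1 when the packet is malformed. */

/* Return the NUL-terminated string at *p and advance *p past its NUL, or
 * NULL when no terminator lies before end (truncated packet). */
static const char *next_string(const char **p, const char *end)
{
    const char *s = *p;
    const char *nul = memchr(s, '\0', (size_t)(end - s));
    if (nul == NULL)
        return NULL;
    *p = nul + 1;
    return s;
}

int parse_rrq_blksize(const unsigned char *pkt, size_t len, unsigned *blksize)
{
    const char *p = (const char *)pkt, *end = p + len;
    const char *name, *value;
    if (len < 2 || pkt[0] != 0 || pkt[1] != 1)   /* opcode 1 == RRQ */
        return -1;
    p += 2;
    if (next_string(&p, end) == NULL ||          /* filename */
        next_string(&p, end) == NULL)            /* transfer mode */
        return -1;
    /* options are name/value pairs: reject a name with no value before the
     * value pointer is ever used, instead of dereferencing a NULL */
    while (p < end) {
        if ((name = next_string(&p, end)) == NULL ||
            (value = next_string(&p, end)) == NULL)
            return -1;
        if (strcasecmp(name, "blksize") == 0) {
            char *ep; unsigned long v;
            if (!isdigit((unsigned char)*value))   /* empty or non-numeric */
                return -1;
            v = strtoul(value, &ep, 10);
            if (*ep != '\0' || v < 8 || v > 65464)  /* RFC 2348 range */
                return -1;
            *blksize = (unsigned)v;
            return 1;
        }
    }
    return 0;
}
```

Each rejected case returns -1 and the caller should simply drop the request (or answer with a TFTP error) rather than proceed with an unset or dangling value.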

Reservation: 08/24/2009

Disclosure: 09/02/2009

Moderation: accepted

Entry: VDB-49779

CPE: ready

Exploit: Download

EPSS: 0.10382

KEV: no

Activities: very low
