This is a helpful utility, but it does not have any dependencies
in this repository. Move it to packages feed.
The package does not seem to have a maintainer.
Cc: Jo-Philipp Wich <jo@mein.io>
Cc: Nick Hainke <vincent@systemli.org>
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This is a helpful utility, but it does not have any dependencies
in this repository. Move it to packages feed.
Cc: Jo-Philipp Wich <jo@mein.io>
Cc: Nick Hainke <vincent@systemli.org>
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The newly added `$(COMMITCOUNT)` varialbe allows automatic versioning
based on the number of Git commits of a package. Replace *tedious to
bump* and *merge conflict causing* `PKG_RELEASE` and replace it with
`$(COMMITCOUNT)`.
Signed-off-by: Paul Spooren <mail@aparcar.org>
The lack of bumped PKG_RELEASE variables is a recurring theme on the
mailing list and in GitHub comments. This costs precious review time,
a rare good within the OpenWrt project.
Instead of relying on a manually set PKG_RELEASE this commit adds a
`commitcount` function that uses the number of Git commits to determine
the release. The function is called via the variables `$(AUTORELEASE)`
or `$(COMMITCOUNT)`. The `PKG_RELEASE` variable can be set to either of
the two.
- $(AUTORELEASE):
Release is automagically set to the number of commits since the last
commit containing either ": update to " or ": bump to ".
Example below:
$ git log packages/foobar/
foobar: fixup file location
foobar: disable docs
foobar: bump to 5.3.2
foobar: fixup copyright
Resulting package name: foobar_5.3.2-3_all.ipk, two package changes
since the last upstream version change, using a 1 based counter.
- $(COMMITCOUNT):
For non-traditional versioning (x.y.z), most prominent `base-files`,
this variable contains the total number of package commits.
The new functionality can also be used by other feeds like packages.git.
In case no build information is available, e.g. when using release
tarballs, the SOURCE_DATE_EPOCH is used to have a reproducible release
identifier.
Suggested-by: Daniel Golle <daniel@makrotopia.org>
Signed-off-by: Paul Spooren <mail@aparcar.org>
The "edimax,uimage"" parser can be replaced by the generic
parser using device specific openwrt,partition-magic and
openwrt,offset properties.
Signed-off-by: Bjørn Mork <bjorn@mork.no>
Some devices prepend a standard U-Boot Image with a vendor specific
header, having its own magic. Adding two new properties will support
validation of such images, including the additional magic.
Signed-off-by: Bjørn Mork <bjorn@mork.no>
The "netgear,uimage" parser can be replaced by the generic
parser using device specific openwrt,ih-magic and
openwrt,ih-type properties.
Device tree properties for the following devices have not
been set, as they have been dropped from OpenWrt with the
removal of the ar71xx target:
FW_MAGIC_WNR2000V1 0x32303031
FW_MAGIC_WNR2000V4 0x32303034
FW_MAGIC_WNR1000V2_VC 0x31303030
FW_MAGIC_WPN824N 0x31313030
Tested-by: Sander Vanheule <sander@svanheule.net> # WNDR3700v2
Tested-by: Stijn Segers <foss@volatilesystems.org> # WNDR3700v1
Signed-off-by: Bjørn Mork <bjorn@mork.no>
Convert users to the generic "openwrt,uimage" using device specific
"openwrt,ih-magic" properties, and remove "allnet,uimage".
Signed-off-by: Bjørn Mork <bjorn@mork.no>
The only difference between the "openwrt,okli" and the generic
parser is the magic. Set this in device tree for all affected
devices and remove the "openwrt,okli" parser.
Tested-by: Michael Pratt <mcpratt@protonmail.com> # EAP300 v2, ENS202EXT and ENH202
Signed-off-by: Bjørn Mork <bjorn@mork.no>
Convert users of the "fonfxc" and "sge" parsers to the generic
"openwrt,uimage", using device specific "openwrt,padding" properties.
Tested-by: Stijn Segers <foss@volatilesystems.org> [DIR-878 A1]
Signed-off-by: Bjørn Mork <bjorn@mork.no>
It's required for BCM4908. It cannot use "bcm-wfi-fw" parser because
that one requires *two* JFFS2 partitions which is untested / unsupported
on the BCM4908 architecture. With a single JFFS2 partition "bcm-wfi-fw"
parser will:
1. Fail to find "vmlinux.lz" as it doesn't follow "1-openwrt" file
2. Create partitions that don't precisely match bootfs layout
The new parser is described in details in the MTD_SPLIT_CFE_BOOTFS
symbol help message.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Asus looks for an extra data at the end of BCM4908 image, right before
the BCM4908 tail. It needs to be properly filled to make Asus accept
firmware image.
This tool constructs such a tail, writes it and updates CRC32 in BCM4908
tail accordingly.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Sync ethernet driver code with upstream Linux kernel:
-Reduce xmit_more code changes.
-Combine rx cleanup code into a function.
-Convert to build_skb.
-Improve rx loop by optimizing loop tracking.
https://lore.kernel.org/netdev/20210106144208.1935-1-liew.s.piaw@gmail.com/
Signed-off-by: Sieng Piaw Liew <liew.s.piaw@gmail.com>
[Amend commit description, move patches to the top since they are going to be
upstreamed]
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Hamming ECC devices do not cover OOB data, as opposed to BCH ECC devices.
Therefore, disabling ECC for all devices is preventing BCH devices from
correctly reading and writing the OOB data.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
The OEM assignment of LAN ports is swapped.
Fixes: c2a7bb520a ("ramips: mt7621: add support for Xiaomi Mi Router 4")
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Xiaomi Mi Router 4 is the same as Xiaomi Mi Router 3G, except for
the RAM (256Mib→128Mib), LEDs and gpio (MiNet button).
Specifications:
Power: 12 VDC, 1 A
Connector type: barrel
CPU1: MediaTek MT7621A (880 MHz, 4 cores)
FLA1: 128 MiB (ESMT F59L1G81MA)
RAM1: 128 MiB (ESMT M15T1G1664A)
WI1 chip1: MediaTek MT7603EN
WI1 802dot11 protocols: bgn
WI1 MIMO config: 2x2:2
WI1 antenna connector: U.FL
WI2 chip1: MediaTek MT7612EN
WI2 802dot11 protocols: an+ac
WI2 MIMO config: 2x2:2
WI2 antenna connector: U.FL
ETH chip1: MediaTek MT7621A
Switch: MediaTek MT7621A
UART Serial
[o] TX
[o] GND
[o] RX
[ ] VCC - Do not connect it
MAC addresses as verified by OEM firmware:
use address source
LAN *:c2 factory 0xe000 (label)
WAN *:c3 factory 0xe006
2g *:c4 factory 0x0000
5g *:c5 factory 0x8000
Flashing instructions:
1.Create a simple http server (nginx etc)
2.set uart enable
To enable writing to the console, you must reset to factory settings
Then you see uboot boot, press the keyboard 4 button (enter uboot command line)
If it is not successful, repeat the above operation of restoring the factory settings.
After entering the uboot command line, type:
setenv uart_en 1
saveenv
boot
3.use shell in uart
cd /tmp
wget http://"your_computer_ip:80"/openwrt-ramips-mt7621-xiaomi_mir4-squashfs-kernel1.bin
wget http://"your_computer_ip:80"/openwrt-ramips-mt7621-xiaomi_mir4-squashfs-rootfs0.bin
mtd write openwrt-ramips-mt7621-xiaomi_mir4-squashfs-kernel1.bin kernel1
mtd write openwrt-ramips-mt7621-xiaomi_mir4-squashfs-rootfs0.bin rootfs0
nvram set flag_try_sys1_failed=1
nvram commit
reboot
4.login to the router http://192.168.1.1/
Installation via Software exploit
Find the instructions in the https://github.com/acecilia/OpenWRTInvasion
Signed-off-by: Dmytro Oz <sequentiality@gmail.com>
[commit message facelift, rebase onto shared DTSI/common device
definition, bump uboot-envtools]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This creates a DTSI for Xiaomi devices with 128M NAND.
This allows to consolidate the partitions and a few other nodes for
AC2100 family and Mi Router 3G.
Note that the Mi Router 3 Pro has 256M NAND and differently sized
partitions.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This creates a shared device definition for Xiaomi devices with
NAND and "separate" images, i.e. kernel1.bin and rootfs0.bin.
This allows to consolidate similar/duplicate code for AC2100 family
and Mi Router 3G.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Since generic images have been split to their own
Makefile boards are showing up twice in menuconfig
as $(eval $(call BuildImage)) was not dropped from
the new generic.mk.
Hence $(eval $(call BuildImage)) was being called
twice.
So, lets simply drop it from generic.mk.
Fixes: 378c7ff282 ("ipq40xx: split generic images into own file")
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
There seems to be a problem with setting #WP. On the other hand ignoring
the #WP seems to work. rootfs_data UBI volume seems to persist changes.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
BCM4908 bootloader requires firmware with JFFS2 image containing:
1. cferam.000
2. 94908.dtb
3. vmlinux.lz
4. device custom files
cferam.000 can be obtained from the bcm63xx-cfe repository.
device custom files are stored in images dir.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
procd doesn't work with just serial specified in the DT (using chosen &
stdout-path). It requires tty device to be explicitly specified in the
cmdline.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
1. It's useful for developing & validating DTS files inside OpenWrt
2. This will allow backporting later changes that depend on it
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
All modification made by update_kernel.sh in a fresh clone without
existing toolchains.
Build system: x86_64
Build-tested: ipq806x/R7800, bcm27xx/bcm2711
Run-tested: ipq806x/R7800
No dmesg regressions, everything functional
Signed-off-by: John Audia <graysky@archlinux.us>
Tested-by: Curtis Deptuck <curtdept@me.com> [x86/64]
Device specifications:
======================
* Qualcomm/Atheros QCA9558 ver 1 rev 0
* 720/600/240 MHz (CPU/DDR/AHB)
* 128 MB of RAM
* 16 MB of SPI NOR flash
- 2x 7 MB available; but one of the 7 MB regions is the recovery image
* 3T3R 2.4 GHz Wi-Fi (11n)
* 3T3R 5 GHz Wi-Fi (11ac)
* 6x GPIO-LEDs (2x wifi, 2x status, 1x lan, 1x power)
* 1x GPIO-button (reset)
* external h/w watchdog (enabled by default))
* TTL pins are on board (arrow points to VCC, then follows: GND, TX, RX)
* 1x ethernet
- AR8035 ethernet PHY (RGMII)
- 10/100/1000 Mbps Ethernet
- 802.3af POE
- used as LAN interface
* 12-24V 1A DC
* internal antennas
Flashing instructions:
======================
Various methods can be used to install the actual image on the flash.
Two easy ones are:
ap51-flash
----------
The tool ap51-flash (https://github.com/ap51-flash/ap51-flash) should be
used to transfer the image to the u-boot when the device boots up.
initramfs from TFTP
-------------------
The serial console must be used to access the u-boot shell during bootup.
It can then be used to first boot up the initramfs image from a TFTP server
(here with the IP 192.168.1.21):
setenv serverip 192.168.1.21
setenv ipaddr 192.168.1.1
tftpboot 0c00000 <filename-of-initramfs-kernel>.bin && bootm $fileaddr
The actual sysupgrade image can then be transferred (on the LAN port) to the
device via
scp <filename-of-squashfs-sysupgrade>.bin root@192.168.1.1:/tmp/
On the device, the sysupgrade must then be started using
sysupgrade -n /tmp/<filename-of-squashfs-sysupgrade>.bin
Signed-off-by: Sven Eckelmann <sven@narfation.org>
[rebase, add LED migration]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Device specifications:
======================
* Qualcomm/Atheros QCA9558 ver 1 rev 0
* 720/600/240 MHz (CPU/DDR/AHB)
* 128 MB of RAM
* 16 MB of SPI NOR flash
- 2x 7 MB available; but one of the 7 MB regions is the recovery image
* 3T3R 2.4 GHz Wi-Fi (11n)
* 3T3R 5 GHz Wi-Fi (11ac)
* 6x GPIO-LEDs (2x wifi, 2x status, 1x lan, 1x power)
* 1x GPIO-button (reset)
* external h/w watchdog (enabled by default))
* TTL pins are on board (arrow points to VCC, then follows: GND, TX, RX)
* 1x ethernet
- AR8035 ethernet PHY (RGMII)
- 10/100/1000 Mbps Ethernet
- 802.3af POE
- used as LAN interface
* 12-24V 1A DC
* internal antennas
Flashing instructions:
======================
Various methods can be used to install the actual image on the flash.
Two easy ones are:
ap51-flash
----------
The tool ap51-flash (https://github.com/ap51-flash/ap51-flash) should be
used to transfer the image to the u-boot when the device boots up.
initramfs from TFTP
-------------------
The serial console must be used to access the u-boot shell during bootup.
It can then be used to first boot up the initramfs image from a TFTP server
(here with the IP 192.168.1.21):
setenv serverip 192.168.1.21
setenv ipaddr 192.168.1.1
tftpboot 0c00000 <filename-of-initramfs-kernel>.bin && bootm $fileaddr
The actual sysupgrade image can then be transferred (on the LAN port) to the
device via
scp <filename-of-squashfs-sysupgrade>.bin root@192.168.1.1:/tmp/
On the device, the sysupgrade must then be started using
sysupgrade -n /tmp/<filename-of-squashfs-sysupgrade>.bin
Signed-off-by: Sven Eckelmann <sven@narfation.org>
[rebase, apply shared DTSI/device node, add LED migration]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The OpenMesh MR900 and to-be-added MR1750 family are very similar.
Make the existing MR900 DTSI more general so it can be used for
the MR1750 devices as well.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The shared image definitions for OpenMesh devices are currently
organized based on device families. This introduces some duplicate
code, as the image creation code is mostly the same for those.
This patch thus derives two basic shared definitions that work for
all devices and only requires a few variables to be moved back to
the device definitions.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The OpenMesh MR900 is a modified version of the Exx900/Exx1750 family.
These devices are shipped with an AR803x PHY and had various problems with
the delay configuration in ar71xx. These problems are now in the past [1]
and parts of the delay configuration should now be done in the PHY only.
Just switch to the configuration of the ECB1750 to have an already well
tested configuration for ath79 with the newer kernel versions.
[1] https://github.com/openwrt/openwrt/pull/3505#issuecomment-716050292
Reported-by: Michael Pratt <mcpratt@pm.me>
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Device specifications:
======================
* Qualcomm/Atheros QCA9558 ver 1 rev 0
* 720/600/240 MHz (CPU/DDR/AHB)
* 128 MB of RAM
* 16 MB of SPI NOR flash
- 2x 7 MB available; but one of the 7 MB regions is the recovery image
* 3T3R 2.4 GHz Wi-Fi
* 3T3R 5 GHz Wi-Fi
* 6x GPIO-LEDs (2x wifi, 2x status, 1x lan, 1x power)
* 1x GPIO-button (reset)
* external h/w watchdog (enabled by default))
* TTL pins are on board (arrow points to VCC, then follows: GND, TX, RX)
* 1x ethernet
- AR8035 ethernet PHY (RGMII)
- 10/100/1000 Mbps Ethernet
- 802.3af POE
- used as LAN interface
* 12-24V 1A DC
* internal antennas
Flashing instructions:
======================
Various methods can be used to install the actual image on the flash.
Two easy ones are:
ap51-flash
----------
The tool ap51-flash (https://github.com/ap51-flash/ap51-flash) should be
used to transfer the image to the u-boot when the device boots up.
initramfs from TFTP
-------------------
The serial console must be used to access the u-boot shell during bootup.
It can then be used to first boot up the initramfs image from a TFTP server
(here with the IP 192.168.1.21):
setenv serverip 192.168.1.21
setenv ipaddr 192.168.1.1
tftpboot 0c00000 <filename-of-initramfs-kernel>.bin && bootm $fileaddr
The actual sysupgrade image can then be transferred (on the LAN port) to the
device via
scp <filename-of-squashfs-sysupgrade>.bin root@192.168.1.1:/tmp/
On the device, the sysupgrade must then be started using
sysupgrade -n /tmp/<filename-of-squashfs-sysupgrade>.bin
Signed-off-by: Sven Eckelmann <sven@narfation.org>
[rebase, add LED migration]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Device specifications:
======================
* Qualcomm/Atheros QCA9558 ver 1 rev 0
* 720/600/240 MHz (CPU/DDR/AHB)
* 128 MB of RAM
* 16 MB of SPI NOR flash
- 2x 7 MB available; but one of the 7 MB regions is the recovery image
* 3T3R 2.4 GHz Wi-Fi
* 3T3R 5 GHz Wi-Fi
* 6x GPIO-LEDs (2x wifi, 2x status, 1x lan, 1x power)
* 1x GPIO-button (reset)
* external h/w watchdog (enabled by default))
* TTL pins are on board (arrow points to VCC, then follows: GND, TX, RX)
* 1x ethernet
- AR8035 ethernet PHY (RGMII)
- 10/100/1000 Mbps Ethernet
- 802.3af POE
- used as LAN interface
* 12-24V 1A DC
* internal antennas
Flashing instructions:
======================
Various methods can be used to install the actual image on the flash.
Two easy ones are:
ap51-flash
----------
The tool ap51-flash (https://github.com/ap51-flash/ap51-flash) should be
used to transfer the image to the u-boot when the device boots up.
initramfs from TFTP
-------------------
The serial console must be used to access the u-boot shell during bootup.
It can then be used to first boot up the initramfs image from a TFTP server
(here with the IP 192.168.1.21):
setenv serverip 192.168.1.21
setenv ipaddr 192.168.1.1
tftpboot 0c00000 <filename-of-initramfs-kernel>.bin && bootm $fileaddr
The actual sysupgrade image can then be transferred (on the LAN port) to the
device via
scp <filename-of-squashfs-sysupgrade>.bin root@192.168.1.1:/tmp/
On the device, the sysupgrade must then be started using
sysupgrade -n /tmp/<filename-of-squashfs-sysupgrade>.bin
Signed-off-by: Sven Eckelmann <sven@narfation.org>
[rebase, add LED migration]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The OpenMesh MR600 is a modified version of the EAP600 family. These
devices are shipped with an AR803x PHY and had various problems with the
delay configuration in ar71xx. These problems are now in the past [1] and
parts of the delay configuration should now be done in the PHY only.
Just switch to the configuration of the EAP600 to have an already well
tested configuration for ath79 with the newer kernel versions.
[1] https://github.com/openwrt/openwrt/pull/3505#issuecomment-716050292
Reported-by: Michael Pratt <mcpratt@pm.me>
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Device specifications:
======================
* Qualcomm/Atheros AR9344 rev 2
* 560/450/225 MHz (CPU/DDR/AHB)
* 128 MB of RAM
* 16 MB of SPI NOR flash
- 2x 7 MB available; but one of the 7 MB regions is the recovery image
* 2T2R 2.4 GHz Wi-Fi
* 2T2R 5 GHz Wi-Fi
* 8x GPIO-LEDs (6x wifi, 1x wps, 1x power)
* 1x GPIO-button (reset)
* external h/w watchdog (enabled by default))
* TTL pins are on board (arrow points to VCC, then follows: GND, TX, RX)
* 1x ethernet
- AR8035 ethernet PHY (RGMII)
- 10/100/1000 Mbps Ethernet
- 802.3af POE
- used as LAN interface
* 12-24V 1A DC
* internal antennas
Flashing instructions:
======================
Various methods can be used to install the actual image on the flash.
Two easy ones are:
ap51-flash
----------
The tool ap51-flash (https://github.com/ap51-flash/ap51-flash) should be
used to transfer the image to the u-boot when the device boots up.
initramfs from TFTP
-------------------
The serial console must be used to access the u-boot shell during bootup.
It can then be used to first boot up the initramfs image from a TFTP server
(here with the IP 192.168.1.21):
setenv serverip 192.168.1.21
setenv ipaddr 192.168.1.1
tftpboot 0c00000 <filename-of-initramfs-kernel>.bin && bootm $fileaddr
The actual sysupgrade image can then be transferred (on the LAN port) to the
device via
scp <filename-of-squashfs-sysupgrade>.bin root@192.168.1.1:/tmp/
On the device, the sysupgrade must then be started using
sysupgrade -n /tmp/<filename-of-squashfs-sysupgrade>.bin
Signed-off-by: Sven Eckelmann <sven@narfation.org>
[rebase, add LED migration]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Device specifications:
======================
* Qualcomm/Atheros AR9344 rev 2
* 560/450/225 MHz (CPU/DDR/AHB)
* 128 MB of RAM
* 16 MB of SPI NOR flash
- 2x 7 MB available; but one of the 7 MB regions is the recovery image
* 2T2R 2.4 GHz Wi-Fi
* 2T2R 5 GHz Wi-Fi
* 4x GPIO-LEDs (2x wifi, 1x wps, 1x power)
* 1x GPIO-button (reset)
* TTL pins are on board (arrow points to VCC, then follows: GND, TX, RX)
* 1x ethernet
- AR8035 ethernet PHY (RGMII)
- 10/100/1000 Mbps Ethernet
- 802.3af POE
- used as LAN interface
* 12-24V 1A DC
* internal antennas
Flashing instructions:
======================
Various methods can be used to install the actual image on the flash.
Two easy ones are:
ap51-flash
----------
The tool ap51-flash (https://github.com/ap51-flash/ap51-flash) should be
used to transfer the image to the u-boot when the device boots up.
initramfs from TFTP
-------------------
The serial console must be used to access the u-boot shell during bootup.
It can then be used to first boot up the initramfs image from a TFTP server
(here with the IP 192.168.1.21):
setenv serverip 192.168.1.21
setenv ipaddr 192.168.1.1
tftpboot 0c00000 <filename-of-initramfs-kernel>.bin && bootm $fileaddr
The actual sysupgrade image can then be transferred (on the LAN port) to the
device via
scp <filename-of-squashfs-sysupgrade>.bin root@192.168.1.1:/tmp/
On the device, the sysupgrade must then be started using
sysupgrade -n /tmp/<filename-of-squashfs-sysupgrade>.bin
Signed-off-by: Sven Eckelmann <sven@narfation.org>
[rebase, make WLAN LEDs consistent, add LED migration]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The "cidr_contains6" functions clones the given cidr. The contains4
does not clone the cidr. Both functions do not behave the same.
I see no reason to push the cidr. I think that we get only a negligible
performance gain, but it makes ipv4 and ipv6 equal again.
Signed-off-by: Nick Hainke <vincent@systemli.org>
All modification made by update_kernel.sh in a fresh clone without
existing toolchains.
Build system: x86_64
Build-tested: ipq806x/R7800, bcm27xx/bcm2711
Run-tested: ipq806x/R7800
No dmesg regressions, everything functional
Signed-off-by: John Audia <graysky@archlinux.us>
Tested-by: Curtis Deptuck <curtdept@me.com> [x86/64]
This fixes the following security problems in dnsmasq:
* CVE-2020-25681:
Dnsmasq versions before 2.83 is susceptible to a heap-based buffer
overflow in sort_rrset() when DNSSEC is used. This can allow a remote
attacker to write arbitrary data into target device's memory that can
lead to memory corruption and other unexpected behaviors on the target
device.
* CVE-2020-25682:
Dnsmasq versions before 2.83 is susceptible to buffer overflow in
extract_name() function due to missing length check, when DNSSEC is
enabled. This can allow a remote attacker to cause memory corruption
on the target device.
* CVE-2020-25683:
Dnsmasq version before 2.83 is susceptible to a heap-based buffer
overflow when DNSSEC is enabled. A remote attacker, who can create
valid DNS replies, could use this flaw to cause an overflow in a heap-
allocated memory. This flaw is caused by the lack of length checks in
rtc1035.c:extract_name(), which could be abused to make the code
execute memcpy() with a negative size in get_rdata() and cause a crash
in Dnsmasq, resulting in a Denial of Service.
* CVE-2020-25684:
A lack of proper address/port check implemented in Dnsmasq version <
2.83 reply_query function makes forging replies easier to an off-path
attacker.
* CVE-2020-25685:
A lack of query resource name (RRNAME) checks implemented in Dnsmasq's
versions before 2.83 reply_query function allows remote attackers to
spoof DNS traffic that can lead to DNS cache poisoning.
* CVE-2020-25686:
Multiple DNS query requests for the same resource name (RRNAME) by
Dnsmasq versions before 2.83 allows for remote attackers to spoof DNS
traffic, using a birthday attack (RFC 5452), that can lead to DNS
cache poisoning.
* CVE-2020-25687:
Dnsmasq versions before 2.83 is vulnerable to a heap-based buffer
overflow with large memcpy in sort_rrset() when DNSSEC is enabled. A
remote attacker, who can create valid DNS replies, could use this flaw
to cause an overflow in a heap-allocated memory. This flaw is caused
by the lack of length checks in rtc1035.c:extract_name(), which could
be abused to make the code execute memcpy() with a negative size in
sort_rrset() and cause a crash in dnsmasq, resulting in a Denial of
Service.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>