Skip to content

RDKCOM-5501: RDKBDEV-3351 Fix for EDNS package size incorrect, CVE-2023-28450 #192

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
owen-lu-sercomm wants to merge 1 commit into
base: develop
Choose a base branch
from
Open

RDKCOM-5501: RDKBDEV-3351 Fix for EDNS package size incorrect, CVE-2023-28450 #192

owen-lu-sercomm wants to merge 1 commit into from

Conversation

@owen-lu-sercomm
Copy link

@owen-lu-sercomm owen-lu-sercomm commented Jan 27, 2026

Reason for change:
An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020.
Test Procedure:

  1. Capture packages on lan client
  2. Send query with edns from lan client
  3. Check the UDP payload size in the Additional records in DNS response package, which should be 1232 instead of 4096
    Risks: Low

Signed-off-by: Owen Lu owen_lu@sercomm.com

@owen-lu-sercomm
RDKBDEV-3351:Fix for EDNS package size incorrect, CVE-2023-28450
8bf115f 
Reason for change:
An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020.
Test Procedure:
1. Capture packages on lan client
2. Send query with edns from lan client
3. Check the UDP payload size in the Additional records in DNS response package, which should be 1232 instead of 4096
Risks: Low

Signed-off-by: Owen Lu <owen_lu@sercomm.com>
@owen-lu-sercomm owen-lu-sercomm requested review from a team as code owners January 27, 2026 10:28
@pradeeptakdas pradeeptakdas changed the title RDKBDEV-3351:Fix for EDNS package size incorrect, CVE-2023-28450 RDKCOM-5501: RDKBDEV-3351 Fix for EDNS package size incorrect, CVE-2023-28450 Jan 27, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@owen-lu-sercomm