[Bloat] [Cerowrt-devel] New OpenWrt release fixing several dnsmasq CVEs

Etienne Champetier champetier.etienne at gmail.com
Sat Jan 23 15:04:53 EST 2021


Hi Jonathan,

Le sam. 23 janv. 2021 à 11:29, Jonathan Foulkes
<jf at jonathanfoulkes.com> a écrit :
>
> Hi Seb, someone did just that and even better, compared two builds with the dnsmasq being the only variable, and did not see any differences:
> https://forum.openwrt.org/t/security-advisory-2021-01-19-1-dnsmasq-multiple-vulnerabilities/85903/85
>
> From other comments, looks like they found the bug and are testing the fix.
> https://git.openwrt.org/?p=openwrt/staging/ldir.git;a=commitdiff;h=9a18346676850646764072ffcfd32ad9396d95c3
>
> Jonathan
>
> > On Jan 22, 2021, at 4:40 PM, Sebastian Moeller <moeller0 at gmx.de> wrote:
> >
> > Could you try to run top or htop and look at the CPU load? I could imagine that the fixes dnsmasq might have some CPU spikes that simply leave not enough cycles for the traffic shaper?

Is it possible you had a tab open on the Luci status page ?
In my experience if you don't have uhttpd-mod-ubus (and maybe
uhttpd-mod-lua) load average just keep climbing when you are looking
at this page.
https://bugs.openwrt.org/index.php?do=details&task_id=2613

Best
Etienne


More information about the Bloat mailing list