[slackware-security] dnsmasq

New dnsmasq packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/dnsmasq-2.93-i586-1slack15.0.txz: Upgraded. Rework storage allocation for domain names. This fixes a security bug that can cause...

CVE-2026-2291 vulnerabilities

Vulnerabilities for packages: dnsmasq...

Photon OS 4.0: Dnsmasq PHSA-2026-4.0-1023

An update of the dnsmasq package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-1023. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

dnsmasq-2.92rel2-1.1 on GA media (moderate)

dnsmasq-2.92rel2-1.1 on GA media Announcement ID: openSUSE-SU-2026:10821-1 Rating: moderate Cross-References: CVE-2026-2291 CVE-2026-4890 CVE-2026-4891 CVE-2026-4892 CVE-2026-4893 CVE-2026-5172 CVSS scores: CVE-2026-2291 SUSE : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2026-2291 SUSE :...

RHEL 9 : dnsmasq (RHSA-2026:19373)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19373 advisory. The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server forwarder and DHCP Dynamic Host Configuration Protocol server...

Fedora 43 : dnsmasq (2026-6384a3cf14)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-6384a3cf14 advisory. Update to 2.92rel2 2.92 point release incorporating fixes for: - CVE-2026-2291 - CVE-2026-4890 - CVE-2026-4891 - CVE-2026-4892 - CVE-2026-4893 -...

RHEL 10 : dnsmasq (RHSA-2026:19158)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19158 advisory. The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server forwarder and DHCP Dynamic Host Configuration Protocol server...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : dnsmasq (SUSE-SU-2026:1827-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1827-1 advisory. This update for dnsmasq fixes the following issue: - CVE-2026-2291: VU471747: dnsmasq can be abused to...

Fedora 44 : dnsmasq (2026-ac5cceec13)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-ac5cceec13 advisory. Update to 2.92rel2 2.92 point release incorporating fixes for: - CVE-2026-2291 - CVE-2026-4890 - CVE-2026-4891 - CVE-2026-4892 - CVE-2026-4893 -...

OPENSUSE-SU-2026:20748-1 Security update for dnsmasq

This update for dnsmasq fixes the following issues Security issues: - CVE-2026-2291: dnsmasq can be abused to record false cached data enabling DoS or attacker redirect bsc1258251. - CVE-2026-4890: DoS vulnerability in the DNSSEC validation bsc1265001. - CVE-2026-4891: heap-based out-of-bounds re...

SUSE-SU-2026:1826-1 Security update for dnsmasq

This update for dnsmasq fixes the following issue: - CVE-2026-2291: VU471747: dnsmasq can be abused to record false cached data enabling DoS or attacker redirect bsc1258251...

dnsmasq_2.92_pocs

dnsmasq 2.92 — Proof of Concepts Self-contained reproduction...

DEBIAN-CVE-2026-2291

dnsmasqs extractname function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS...

Linux Distros Unpatched Vulnerability : CVE-2026-2291

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dnsmasqs extractname function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS...