Lucene search
K

2373 matches found

Tenable Nessus
Tenable Nessus
added 5 days ago6 views

dnsmasq < 2.93 Heap-Based Buffer Overflow (CVE-2026-12725)

The version of dnsmasq installed on the remote host is prior to 2.93. It is, therefore, affected by a heap-based buffer overflow vulnerability. When DNSSEC validation and query logging are both enabled, logging of DS or DNSKEY replies containing unsupported algorithm or digest types can cause...

5.9CVSS6.2AI score0.00403EPSS
Exploits0References3
OSV
OSV
added 2026/07/02 10:17 a.m.3 views

RHSA-2026:34508 Red Hat Security Advisory: dnsmasq security update

Bulletin has no description...

8.8CVSS6AI score0.07237EPSS
Exploits3References24
OSV
OSV
added 2026/07/02 12:0 a.m.3 views

OPENSUSE-SU-2026:11172-1 dnsmasq-2.93-2.1 on GA media

These are all security issues fixed in the dnsmasq-2.93-2.1 package on the GA media of openSUSE Tumbleweed...

5.3CVSS5.9AI score0.00239EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/07/01 9:21 p.m.8 views

dnsmasq: RRSIG rdlen underflow leading to heap OOB read

A heap out-of-bounds read vulnerability was discovered in dnsmasq's DNSSEC validation. When processing RRSIG records, dnsmasq calculates the signature length by subtracting the fixed field size from the record's declared data length. A crafted RRSIG record with a data length smaller than the fixe...

7.5CVSS5.8AI score0.06226EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/01 9:21 p.m.11 views

dnsmasq: NSEC bitmap parsing infinite loop

A denial of service vulnerability was discovered in dnsmasq's DNSSEC validation. When parsing NSEC and NSEC3 bitmap records, the window iteration logic fails to account for the 2-byte window header when advancing through the bitmap data. A specially crafted DNS response with a zero-length bitmap...

7.5CVSS6.1AI score0.07237EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/01 9:21 p.m.10 views

dnsmasq: Broken ECS source validation bypass

A validation bypass was discovered in dnsmasq's RFC 7871 client subnet ECS handling. When verifying ECS source information in DNS responses, dnsmasq passes the OPT record length instead of the full packet length to the validation function.This causes all internal bounds checks to fail, completely...

5.3CVSS5.8AI score0.02681EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2026/07/01 9:21 p.m.10 views

dnsmasq: DHCPv6 CLID buffer overflow in helper process

A heap buffer overflow was discovered in dnsmasq's DHCP script helper process. When processing DHCPv6 client identifiers CLIDs, the helper hex-encodes the raw CLID bytes into a fixed-size buffer without length validation. Since DHCPv6 CLIDs can be up to 65,535 bytes, a crafted DHCPv6 packet can...

8.8CVSS5.9AI score0.00812EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/07/01 9:21 p.m.9 views

Important: Red Hat Security Advisory: dnsmasq security update

An update for dnsmasq is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

8.8CVSS6.3AI score0.07237EPSS
Exploits3References6
RedHat Linux
RedHat Linux
added 2026/07/01 9:21 p.m.10 views

dnsmasq: dnsmasq: heap buffer overflow in cache via NAME_ESCAPE expansion

A heap buffer overflow was discovered in dnsmasq's DNS cache. When processing DNS responses, dnsmasq expands certain characters into longer escape sequences, but the cache buffer is not sized to hold the expanded result. A specially crafted DNS response can overflow this buffer, potentially...

7.3CVSS6AI score0.00754EPSS
Exploits1References4
OSV
OSV
added 2026/06/30 11:7 a.m.3 views

SUSE-SU-2026:22454-1 Security update for dnsmasq

This update for dnsmasq fixes the following issues Update to 2.93: - CVE-2026-12725: heap buffer overflow in logquery when logging unsupported DS/DNSKEY replies bsc1268764...

7.5CVSS6.2AI score0.00754EPSS
Exploits1References5
OSV
OSV
added 2026/06/29 7:42 a.m.2 views

SUSE-SU-2026:22496-1 Security update for dnsmasq

This update for dnsmasq fixes the following issues Update to 2.93: - CVE-2026-12725: heap buffer overflow in logquery when logging unsupported DS/DNSKEY replies bsc1268764. Changes for dnsmasq: CVE-2026-12725, bsc1268764: Heap buffer overflow in logquery when logging unsupported DS/DNSKEY replies...

7.5CVSS6.2AI score0.00754EPSS
Exploits1References5
OSV
OSV
added 2026/06/29 7:41 a.m.2 views

OPENSUSE-SU-2026:21192-1 Security update for dnsmasq

This update for dnsmasq fixes the following issues Update to 2.93: - CVE-2026-12725: heap buffer overflow in logquery when logging unsupported DS/DNSKEY replies bsc1268764. Changes for dnsmasq: CVE-2026-12725, bsc1268764: Heap buffer overflow in logquery when logging unsupported DS/DNSKEY replies...

7.5CVSS6.2AI score0.00754EPSS
Exploits1References4
OSV
OSV
added 2026/06/25 12:0 a.m.3 views

OPENSUSE-SU-2026:11116-1 dnsmasq-2.93-1.1 on GA media

These are all security issues fixed in the dnsmasq-2.93-1.1 package on the GA media of openSUSE Tumbleweed...

5.9CVSS5.8AI score0.00403EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/06/24 2:44 a.m.8 views

SUSE CVE-2026-12969

An out-of-bounds read vulnerability exists in dnsmasq's findsoa function in src/rfc1035.c. When parsing NS section records, extractname is called with extrabytes=0, failing to validate that 10 additional bytes exist for fixed-length DNS record fields. A remote attacker controlling a DNS zone can...

6.5CVSS6AI score0.00239EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.8 views

Oracle Linux 9 : dnsmasq (ELSA-2026-19373)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-19373 advisory. - Prevent overflow in extractname function CVE-2026-2291 - Prevent DoS in DNSSEC validation CVE-2026-4890 - Prevent out-of-bounds read in DNSSEC...

8.8CVSS6.2AI score0.07237EPSS
Exploits3References6
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-12969

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read vulnerability exists in dnsmasq's findsoa function in src/rfc1035.c. When parsing NS section records, extractname is called with...

5.3CVSS6AI score0.00239EPSS
Exploits0References4
OSV
OSV
added 2026/06/23 2:17 p.m.6 views

DEBIAN-CVE-2026-12969

An out-of-bounds read vulnerability exists in dnsmasq's findsoa function in src/rfc1035.c. When parsing NS section records, extractname is called with extrabytes=0, failing to validate that 10 additional bytes exist for fixed-length DNS record fields. A remote attacker controlling a DNS zone can...

5.3CVSS5.9AI score0.00239EPSS
Exploits0References1
NVD
NVD
added 2026/06/23 2:17 p.m.11 views

CVE-2026-12969

An out-of-bounds read vulnerability exists in dnsmasq's findsoa function in src/rfc1035.c. When parsing NS section records, extractname is called with extrabytes=0, failing to validate that 10 additional bytes exist for fixed-length DNS record fields. A remote attacker controlling a DNS zone can...

5.3CVSS0.00239EPSS
Exploits0References2
OSV
OSV
added 2026/06/23 2:17 p.m.4 views

UBUNTU-CVE-2026-12969

An out-of-bounds read vulnerability exists in dnsmasq's findsoa function in src/rfc1035.c. When parsing NS section records, extractname is called with extrabytes=0, failing to validate that 10 additional bytes exist for fixed-length DNS record fields. A remote attacker controlling a DNS zone can...

5.3CVSS5.9AI score0.00239EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/23 1:28 p.m.13 views

EUVD-2026-38449

An out-of-bounds read vulnerability exists in dnsmasq's findsoa function in src/rfc1035.c. When parsing NS section records, extractname is called with extrabytes=0, failing to validate that 10 additional bytes exist for fixed-length DNS record fields. A remote attacker controlling a DNS zone can...

5.3CVSS6AI score0.00239EPSS
Exploits0References2
Rows per page
Query Builder