Ubuntu 14.04 LTS : Dnsmasq vulnerability (USN-8311-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8311-1 advisory. Petr Menk discovered that Dnsmasq incorrectly handled certain input in the dhcprelease utility. A local attacker could possibly use this issue to cause Dnsmasq to...

Exploit for CVE-2026-5172

CVE20265172poc CVE-2026-5172: buffer overflow in extractaddre...

Astra Linux - уязвимость в dnsmasq

A vulnerability was discovered in dnsmasq prior to version 2.81. This vulnerability involves a memory leak, allowing remote attackers to cause a denial of service due to excessive memory consumption through mechanisms related to DHCP response creation...

dnsmasq: Broken ECS source validation bypass

A validation bypass was discovered in dnsmasq's RFC 7871 client subnet ECS handling. When verifying ECS source information in DNS responses, dnsmasq passes the OPT record length instead of the full packet length to the validation function.This causes all internal bounds checks to fail, completely...

SUSE-SU-2026:21677-1 Security update for dnsmasq

This update for dnsmasq fixes the following issues Security issues: - CVE-2026-2291: dnsmasq can be abused to record false cached data enabling DoS or attacker redirect bsc1258251. - CVE-2026-4890: DoS vulnerability in the DNSSEC validation bsc1265001. - CVE-2026-4891: heap-based out-of-bounds re...

SUSE CVE-2026-4892

A heap-based out-of-bounds write vulnerability in the DHCPv6 implementation of dnsmasq allows local attackers to execute arbitrary code with root privileges via a crafted DHCPv6 packet...

Fedora 45 : dnsmasq (2026-e58a6acf77)

The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-e58a6acf77 advisory. Automatic update for dnsmasq-2.92rel2-9.fc45. Changelog Tue May 12 2026 Petr Menk - 2.92rel2-9 - Update to 2.92rel2 rhbz2469245 Mon Apr 20 2026 Petr Menk -...

EUVD-2026-29153

A heap-based out-of-bounds read vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet...

ALPINE-CVE-2026-4892

A heap-based out-of-bounds write vulnerability in the DHCPv6 implementation of dnsmasq allows local attackers to execute arbitrary code with root privileges via a crafted DHCPv6 packet...

CVE-2026-4893

An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet information...

CVE-2026-4890

A Denial of Service DoS vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet...

CVE-2026-4893

An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet information...

Linux Distros Unpatched Vulnerability : CVE-2026-2291

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dnsmasqs extractname function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS...

DNSmasq 安全漏洞

DNSmasq is a DNS configuration tool developed by Simon Kelley. DNSmasq has a security vulnerability, which stems from heap-based out-of-bound reads during DNSSEC verification. This vulnerability allows remote attackers to cause denial-of-service attacks through specially crafted DNS packets...

DNSmasq 安全漏洞

DNSmasq is a DNS configuration tool developed by Simon Kelley individually. DNSmasq has a security vulnerability, which stems from heap-based out-of-bound writes in the DHCPv6 implementation. This vulnerability allows local attackers to execute arbitrary code with root privileges using specially...

Unity Linux 20.1060e / 20.1070e Security Update: dnsmasq (UTSA-2026-017412)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017412 advisory. A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwardi...

Astra Linux - уязвимость в dnsmasq

A single-byte, non-arbitrary write/use-after-free flaw was discovered in dnsmasq. This flaw allows an attacker to send a crafted packet processed by dnsmasq, potentially causing a denial of service...

CVE-2026-6507 Dnsmasq: dnsmasq: denial of service due to out-of-bounds write in dhcp bootreply processing

A flaw was found in dnsmasq. A remote attacker could exploit an out-of-bounds write vulnerability by sending a specially crafted BOOTREPLY Bootstrap Protocol Reply packet to a dnsmasq server configured with the --dhcp-split-relay option. This can lead to memory corruption, causing the dnsmasq...

EUVD-2026-20550

An OS command injection vulnerability in the dnsmasq module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to execute arbitrary code when a specially crafted configuration file is processed due to insufficient input validation. Successful exploitation may allow the attacker...

CVE-2026-30818 OS Command Injection Vulnerability in dnsmasq Module in TP-Link AX53

An OS command injection vulnerability in the dnsmasq module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to execute arbitrary code when a specially crafted configuration file is processed due to insufficient input validation. Successful exploitation may allow the attacker...