30 matches found
OESA-2026-2438 dnsmasq security update
Dnsmasq provides network infrastructure for small networks: DNS, DHCP, router advertisement and network boot. It is designed to be lightweight and have a small footprint, suitable for resource constrained routers and firewalls. It has also been widely used for tethering on smartphones and portabl...
EUVD-2026-29091
dnsmasqs extractname function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS...
CVE-2026-5172 CVE-2026-5172
A buffer overflow in dnsmasq’s extractaddresses function allows an attacker to trigger a heap out-of-bounds read and crash by exploiting a malformed DNS response, enabling extractname to advance the pointer past the record’s end...
CVE-2026-2291
dnsmasqs extractname function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS...
CVE-2026-2291
dnsmasqs extractname function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS...
CVE-2026-2291 CVE-2026-2291
dnsmasqs extractname function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS...
CVE-2026-2291
dnsmasqs extractname function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS...
CVE-2026-2291
dnsmasqs extractname function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS...
DNSmasq 安全漏洞
DNSmasq is a DNS configuration tool developed by Simon Kelley. DNSmasq has a security vulnerability, which stems from the extractname function being exploitable, leading to a heap buffer overflow. This allows attackers to inject fake DNS cache entries, potentially redirecting DNS queries to...
ROS-20260319-73-0008
A vulnerability in the indocker plugin of the extractname function of the Fluent Bit log collection and processing tool is related to a stacked buffer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
CVE-2025-12970
The extractname function in Fluent Bit indocker input plugin copies container names into a fixed size stack buffer without validating length. An attacker who can create containers or control container names, can supply a long name that overflows the buffer, leading to process crash or arbitrary...
Linux Distros Unpatched Vulnerability : CVE-2020-25682
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in dnsmasq before 2.83. A buffer overflow vulnerability was discovered in the way dnsmasq extract names from DNS packets before validating them...
SUSE CVE-2021-45953
Dnsmasq 2.86 has a heap-based buffer overflow in extractname called from hashquestions and fuzzutil.c. NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge...
Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from hash_questions and fuzz_util.c). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities to the best of our knowledge.
...
AZL-8960 CVE-2021-45953 affecting package dnsmasq for versions less than 2.89-1
Dnsmasq 2.86 has a heap-based buffer overflow in extractname called from hashquestions and fuzzutil.c. NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge...
Heap overflow
DISPUTED Dnsmasq 2.86 has a heap-based buffer overflow in extractname called from answerauth and FuzzAuth. NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge."...
Dnsmasq 缓冲区错误漏洞
dnsmasq is a lightweight DNS forwarding and DHCP and TFTP server written in C. It can be used as a server to forward DNS, DHCP, and TFTP. Dnsmasq 2.86 suffers from a buffer error vulnerability that stems from a heap-based buffer overflow in extractname called from answerauth and FuzzAuth...
PT-2021-7713 · Dnsmasq +2 · Dnsmasq +2
Name of the Vulnerable Software and Affected Versions: Dnsmasq affected versions not specified Description: The issue is related to a buffer overflow in the extract name function of the fuzz util.c component of the Dnsmasq DNS server. This could allow a remote attacker to access confidential data...
PT-2021-7716 · Dnsmasq +2 · Dnsmasq +2
Name of the Vulnerable Software and Affected Versions: Dnsmasq affected versions not specified Description: The issue is related to a buffer overflow in the extract name function of the Dnsmasq DNS server. This could allow a remote attacker to access confidential data, compromise its integrity, a...
A flaw was found in dnsmasq before 2.83. A buffer overflow vulnerability was discovered in the way dnsmasq extract names from DNS packets before validating them with DNSSEC data. An attacker on the network who can create valid DNS replies could use this flaw to cause an overflow with arbitrary data in a heap-allocated memory possibly executing code on the machine. The flaw is in the rfc1035.c:extract_name() function which writes data to the memory pointed by name assuming MAXDNAME*2 bytes are available in the buffer. However in some code execution paths it is possible extract_name() gets passed an offset from the base buffer thus reducing in practice the number of available bytes that can be written in the buffer. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
...