Medium: dnsmasq

Issue Overview: dnsmasqs extractname function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS. CVE-2026-2291 Affected Packages: dnsmasq Issu...

DNSmasq 安全漏洞

DNSmasq is a DNS configuration tool developed by Simon Kelley. DNSmasq has a security vulnerability, which stems from the extractname function being exploitable, leading to a heap buffer overflow. This allows attackers to inject fake DNS cache entries, potentially redirecting DNS queries to...

Vulnerability of the extract_name() function (rfc1035.c): The Dnsmasq DNS server has a vulnerability related to the failure of operations beyond the buffer in memory, allowing an attacker to cause a service failure.

The vulnerability of the extractname function rfc1035.c in the Dnsmasq DNS server is related to the lack of length checking on input data. Exploiting this vulnerability allows a remote attacker to cause a service failure...

Vulnerability of the extract_name() function (rfc1035.c): The Dnsmasq DNS server has a vulnerability related to the failure of operations beyond the buffer in memory, allowing an attacker to cause a service failure.

The vulnerability of the extractname function rfc1035.c in the Dnsmasq DNS server is related to the lack of length checking on input data. Exploiting this vulnerability could allow a remote attacker to cause a service failure...