150 matches found
dnsmasq: NSEC bitmap parsing infinite loop
A denial of service vulnerability was discovered in dnsmasq's DNSSEC validation. When parsing NSEC and NSEC3 bitmap records, the window iteration logic fails to account for the 2-byte window header when advancing through the bitmap data. A specially crafted DNS response with a zero-length bitmap...
Linux Distros Unpatched Vulnerability : CVE-2026-12725
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap-based buffer overflow was found in dnsmasq. When DNSSEC validation and query logging are both enabled, logging of DS or DNSKEY replies containing...
Astra Linux – Vulnerability in dnsmasq
A vulnerability was discovered in dnsmasq prior to version 2.81. This vulnerability involves a memory leak, allowing remote attackers to cause a denial of service due to excessive memory consumption through mechanisms related to DHCP response creation...
Astra Linux – Vulnerability in dnsmasq
A single-byte, non-arbitrary write/use-after-free flaw was discovered in dnsmasq. This flaw allows an attacker to send a crafted packet processed by dnsmasq, potentially causing a denial of service...
Slackware Linux 15.0 / current dnsmasq Vulnerability (SSA:2026-155-01)
The version of dnsmasq installed on the remote host is prior to 2.93. It is, therefore, affected by a vulnerability as referenced in the SSA:2026-155-01 advisory. New dnsmasq packages are available for Slackware 15.0 and -current to fix a security issue. Tenable has extracted the preceding...
GHSA-57VP-FFX7-7GM6 vulnerabilities
Vulnerabilities for packages: dnsmasq...
CVE-2026-5172 vulnerabilities
Vulnerabilities for packages: dnsmasq...
CVE-2026-4893 vulnerabilities
Vulnerabilities for packages: dnsmasq...
Ubuntu 14.04 LTS : Dnsmasq vulnerability (USN-8311-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8311-1 advisory. Petr Menk discovered that Dnsmasq incorrectly handled certain input in the dhcprelease utility. A local attacker could possibly use this issue to cause Dnsmasq to...
Exploit for CVE-2026-5172
CVE20265172poc CVE-2026-5172: buffer overflow in extractaddre...
dnsmasq: Broken ECS source validation bypass
A validation bypass was discovered in dnsmasq's RFC 7871 client subnet ECS handling. When verifying ECS source information in DNS responses, dnsmasq passes the OPT record length instead of the full packet length to the validation function.This causes all internal bounds checks to fail, completely...
SUSE-SU-2026:21677-1 Security update for dnsmasq
This update for dnsmasq fixes the following issues Security issues: - CVE-2026-2291: dnsmasq can be abused to record false cached data enabling DoS or attacker redirect bsc1258251. - CVE-2026-4890: DoS vulnerability in the DNSSEC validation bsc1265001. - CVE-2026-4891: heap-based out-of-bounds re...
SUSE CVE-2026-4892
A heap-based out-of-bounds write vulnerability in the DHCPv6 implementation of dnsmasq allows local attackers to execute arbitrary code with root privileges via a crafted DHCPv6 packet...
Fedora 45 : dnsmasq (2026-e58a6acf77)
The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-e58a6acf77 advisory. Automatic update for dnsmasq-2.92rel2-9.fc45. Changelog Tue May 12 2026 Petr Menk - 2.92rel2-9 - Update to 2.92rel2 rhbz2469245 Mon Apr 20 2026 Petr Menk -...
EUVD-2026-29153
A heap-based out-of-bounds read vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet...
ALPINE-CVE-2026-4892
A heap-based out-of-bounds write vulnerability in the DHCPv6 implementation of dnsmasq allows local attackers to execute arbitrary code with root privileges via a crafted DHCPv6 packet...
CVE-2026-4893
An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet information...
CVE-2026-4890
A Denial of Service DoS vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet...
CVE-2026-4893
An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet information...
Linux Distros Unpatched Vulnerability : CVE-2026-2291
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dnsmasqs extractname function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS...