MGASA-2026-0135 Updated dnsmasq packages fix security vulnerabilities

CVE-2026-2291: dnsmasqs extractname function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS. CVE-2026-4890: A Denial of Service DoS...

ALPINE-CVE-2026-2291

dnsmasqs extractname function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS...

dnsmasq -- multiple vulnerabilities

Simon Kelley reports: Today, 11th May 2026 CERT is releasing a set of six CVEs for serious security vulnerabilities in dnsmasq. These are all long-standing bugs which apply to pretty much all non-ancient versions. Christopher Cullen and Molly Jaconski write, in Vulnerability Note VU471747:...

Linux Distros Unpatched Vulnerability : CVE-2021-45953

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dnsmasq 2.86 has a heap-based buffer overflow in extractname called from hashquestions and fuzzutil.c. NOTE: the vendor's position is that CVE-2021-45951 throug...

dnsmasq security update

2.76-17.0.3.3 - Fixed heap-based buffer overflow in sortrrset CVE-2020-25681 Orabug: 35904921 - Fixed buffer overflow in extractname CVE-2020-25682 Orabug: 35904921...

SUSE CVE-2021-45954

Dnsmasq 2.86 has a heap-based buffer overflow in extractname called from answerauth and FuzzAuth. NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge...

Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from answer_auth and FuzzAuth). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities to the best of our knowledge.

...

CVE-2021-45954

Dnsmasq 2.86 has a heap-based buffer overflow in extractname called from answerauth and FuzzAuth. NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge...

OSV-2022-6 Heap-buffer-overflow in extract_name

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43299 Crash type: Heap-buffer-overflow WRITE 1 Crash state: extractname hashquestions fuzzutil.c...

CVE-2021-45954

Dnsmasq 2.86 has a heap-based buffer overflow in extractname called from answerauth and FuzzAuth. NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge...

CVE-2021-45953

Dnsmasq 2.86 has a heap-based buffer overflow in extractname called from hashquestions and fuzzutil.c. NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge...

CVE-2021-45954

DISPUTED Dnsmasq 2.86 has a heap-based buffer overflow in extractname called from answerauth and FuzzAuth. NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge."...

CVE-2021-45953

DISPUTED Dnsmasq 2.86 has a heap-based buffer overflow in extractname called from hashquestions and fuzzutil.c. NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge."...

CVE-2021-45954

Dnsmasq 2.86 has a heap-based buffer overflow in extractname called from answerauth and FuzzAuth. NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge...

CVE-2021-45954

CVE-2021-45954 is tied to dnsmasq 2.86, describing a heap-based buffer overflow in extract_name (triggered via answer_auth and FuzzAuth). Nessus/NASL data repeatedly notes no vendor patch available for this and related CVEs in unpatched-host entries, with affected packages listed as dnsmasq 2.86 ...

CVE-2021-45954

Dnsmasq 2.86 has a heap-based buffer overflow in extractname called from answerauth and FuzzAuth. NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge...

CVE-2021-45954

Removed by vendor...

CVE-2021-45953

CVE-2021-45953 affects dnsmasq 2.86 with a heap-based buffer overflow in extract_name (called from hash_questions and fuzz_util.c). Connected Nessus entries expand the family to multiple related CVEs (45951–45957) but note vendor stance that these may not represent real vulnerabilities. MARINER e...

OSV-2021-931 Heap-buffer-overflow in extract_name

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35861 Crash type: Heap-buffer-overflow WRITE 1 Crash state: extractname answerauth FuzzAuth...

OSV-2021-929 Heap-buffer-overflow in extract_name

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35858 Crash type: Heap-buffer-overflow WRITE 1 Crash state: extractname hashquestions fuzzutil.c...