MGASA-2026-0135 Updated dnsmasq packages fix security vulnerabilities

CVE-2026-2291: dnsmasqs extractname function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS. CVE-2026-4890: A Denial of Service DoS...

ALPINE-CVE-2026-2291

dnsmasqs extractname function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS...

dnsmasq -- multiple vulnerabilities

Simon Kelley reports: Today, 11th May 2026 CERT is releasing a set of six CVEs for serious security vulnerabilities in dnsmasq. These are all long-standing bugs which apply to pretty much all non-ancient versions. Christopher Cullen and Molly Jaconski write, in Vulnerability Note VU471747:...

Linux Distros Unpatched Vulnerability : CVE-2021-45953

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dnsmasq 2.86 has a heap-based buffer overflow in extractname called from hashquestions and fuzzutil.c. NOTE: the vendor's position is that CVE-2021-45951 throug...

dnsmasq security update

2.76-17.0.3.3 - Fixed heap-based buffer overflow in sortrrset CVE-2020-25681 Orabug: 35904921 - Fixed buffer overflow in extractname CVE-2020-25682 Orabug: 35904921...

The vulnerability of the extract_name function in the fuzz_util.c component of the DNS server Dnsmasq allows a hacker to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the extractname function in the fuzzutil.c component of the DNS server Dnsmasq is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow a remote attacker to access confidential data, compromise its integrity, and cause service failures...

The vulnerability of the extract_name function in the Dnsmasq DNS server allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the extractname function in the Dnsmasq DNS server is related to buffer overflow attacks. Exploiting this vulnerability can allow a remote attacker to access sensitive data, compromise its integrity, and cause service interruptions...

SUSE CVE-2021-45954

Dnsmasq 2.86 has a heap-based buffer overflow in extractname called from answerauth and FuzzAuth. NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge...

Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from answer_auth and FuzzAuth). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities to the best of our knowledge.

...

CVE-2021-45954

Dnsmasq 2.86 has a heap-based buffer overflow in extractname called from answerauth and FuzzAuth. NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge...

OSV-2022-6 Heap-buffer-overflow in extract_name

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43299 Crash type: Heap-buffer-overflow WRITE 1 Crash state: extractname hashquestions fuzzutil.c...

CVE-2021-45953

Dnsmasq 2.86 has a heap-based buffer overflow in extractname called from hashquestions and fuzzutil.c. NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge...

CVE-2021-45954

Dnsmasq 2.86 has a heap-based buffer overflow in extractname called from answerauth and FuzzAuth. NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge...

CVE-2021-45953

DISPUTED Dnsmasq 2.86 has a heap-based buffer overflow in extractname called from hashquestions and fuzzutil.c. NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge."...

CVE-2021-45954

DISPUTED Dnsmasq 2.86 has a heap-based buffer overflow in extractname called from answerauth and FuzzAuth. NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge."...

CVE-2021-45954

Dnsmasq 2.86 has a heap-based buffer overflow in extractname called from answerauth and FuzzAuth. NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge...

CVE-2021-45954

Dnsmasq 2.86 has a heap-based buffer overflow in extractname called from answerauth and FuzzAuth. NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge...

CVE-2021-45954

Removed by vendor...

CVE-2021-45954

CVE-2021-45954 is tied to dnsmasq 2.86, describing a heap-based buffer overflow in extract_name (triggered via answer_auth and FuzzAuth). Nessus/NASL data repeatedly notes no vendor patch available for this and related CVEs in unpatched-host entries, with affected packages listed as dnsmasq 2.86 ...

CVE-2021-45953

CVE-2021-45953 affects dnsmasq 2.86 with a heap-based buffer overflow in extract_name (called from hash_questions and fuzz_util.c). Connected Nessus entries expand the family to multiple related CVEs (45951–45957) but note vendor stance that these may not represent real vulnerabilities. MARINER e...