Unrated severityNVD Advisory· Published Mar 15, 2023· Updated Nov 3, 2025
CVE-2023-28450
CVE-2023-28450
Description
An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
32(expand)+ 1 more
- (no CPE)
- (no CPE)range: <2.90
- osv-coords30 versionspkg:rpm/almalinux/dnsmasqpkg:rpm/almalinux/dnsmasq-utilspkg:rpm/opensuse/dnsmasq&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/dnsmasq&distro=openSUSE%20Leap%20Micro%205.5pkg:rpm/opensuse/dnsmasq&distro=openSUSE%20Tumbleweedpkg:rpm/suse/dnsmasq&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/dnsmasq&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/dnsmasq&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/dnsmasq&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/dnsmasq&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/dnsmasq&distro=SUSE%20Linux%20Enterprise%20Micro%205.1pkg:rpm/suse/dnsmasq&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/dnsmasq&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/dnsmasq&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/dnsmasq&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/dnsmasq&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/dnsmasq&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP3pkg:rpm/suse/dnsmasq&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/dnsmasq&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/dnsmasq&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/dnsmasq&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/dnsmasq&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/dnsmasq&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/dnsmasq&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/dnsmasq&distro=SUSE%20Manager%20Proxy%204.3pkg:rpm/suse/dnsmasq&distro=SUSE%20Manager%20Server%204.3pkg:rpm/suse/dnsmasq&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/dnsmasq&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/dnsmasq&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/dnsmasq&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209
< 2.85-14.el9+ 29 more
- (no CPE)range: < 2.85-14.el9
- (no CPE)range: < 2.85-14.el9
- (no CPE)range: < 2.90-150400.16.3.1
- (no CPE)range: < 2.90-150400.16.3.1
- (no CPE)range: < 2.89-3.1
- (no CPE)range: < 2.78-18.21.1
- (no CPE)range: < 2.90-150400.16.3.1
- (no CPE)range: < 2.90-150400.16.3.1
- (no CPE)range: < 2.90-150400.16.3.1
- (no CPE)range: < 2.90-150400.16.3.1
- (no CPE)range: < 2.86-150100.7.23.1
- (no CPE)range: < 2.86-150100.7.23.1
- (no CPE)range: < 2.90-150400.16.3.1
- (no CPE)range: < 2.90-150400.16.3.1
- (no CPE)range: < 2.90-150400.16.3.1
- (no CPE)range: < 2.90-150400.16.3.1
- (no CPE)range: < 2.86-150100.7.23.1
- (no CPE)range: < 2.78-18.21.1
- (no CPE)range: < 2.90-150400.16.3.1
- (no CPE)range: < 2.90-150400.16.3.1
- (no CPE)range: < 2.78-18.21.1
- (no CPE)range: < 2.90-150400.16.3.1
- (no CPE)range: < 2.90-150400.16.3.1
- (no CPE)range: < 2.90-1.1
- (no CPE)range: < 2.90-150400.16.3.1
- (no CPE)range: < 2.90-150400.16.3.1
- (no CPE)range: < 2.78-18.21.1
- (no CPE)range: < 2.78-18.21.1
- (no CPE)range: < 2.78-18.21.1
- (no CPE)range: < 2.78-18.21.1
Patches
Vulnerability mechanics
References
5- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6UQ6LKDTLSSD64TBIZ3XEKBM2SWC63VV/mitrevendor-advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OU2ZT4ITSEOOR2CFBAHK4Z67KXJIEWQA/mitrevendor-advisory
- capec.mitre.org/data/definitions/495.htmlmitre
- thekelleys.org.uk/dnsmasq/doc.htmlmitre
- thekelleys.org.uk/gitweb/mitre
News mentions
0No linked articles in our index yet.