rpm package
opensuse/dnsmasq&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/dnsmasq&distro=openSUSE%20Tumbleweed
Vulnerabilities (29)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-12725 | — | < 2.93-1.1 | 2.93-1.1 | Jun 22, 2026 | A heap-based buffer overflow was found in dnsmasq. When DNSSEC validation and query logging are both enabled, logging of DS or DNSKEY replies containing unsupported algorithm or digest types can cause dnsmasq to write past the end of an internal logging buffer. A remote attacker | ||
| CVE-2026-5172 | Hig | 7.3 | < 2.92rel2-1.1 | 2.92rel2-1.1 | May 11, 2026 | A buffer overflow in dnsmasq’s extract_addresses() function allows an attacker to trigger a heap out-of-bounds read and crash by exploiting a malformed DNS response, enabling extract_name() to advance the pointer past the record’s end. | |
| CVE-2026-4893 | Med | 5.3 | < 2.92rel2-1.1 | 2.92rel2-1.1 | May 11, 2026 | An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet information. | |
| CVE-2026-4892 | Hig | 8.4 | < 2.92rel2-1.1 | 2.92rel2-1.1 | May 11, 2026 | A heap-based out-of-bounds write vulnerability in the DHCPv6 implementation of dnsmasq allows local attackers to execute arbitrary code with root privileges via a crafted DHCPv6 packet. | |
| CVE-2026-4891 | Med | 5.3 | < 2.92rel2-1.1 | 2.92rel2-1.1 | May 11, 2026 | A heap-based out-of-bounds read vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet. | |
| CVE-2026-4890 | Hig | 7.5 | < 2.92rel2-1.1 | 2.92rel2-1.1 | May 11, 2026 | A Denial of Service (DoS) vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet. | |
| CVE-2026-2291 | Hig | 7.3 | < 2.92rel2-1.1 | 2.92rel2-1.1 | May 11, 2026 | dnsmasqs extract_name() function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS. | |
| CVE-2026-6507 | Hig | 7.5 | < 2.92-3.1 | 2.92-3.1 | Apr 17, 2026 | A flaw was found in dnsmasq. A remote attacker could exploit an out-of-bounds write vulnerability by sending a specially crafted BOOTREPLY (Bootstrap Protocol Reply) packet to a dnsmasq server configured with the `--dhcp-split-relay` option. This can lead to memory corruption, ca | |
| CVE-2023-49441 | — | < 2.90-2.1 | 2.90-2.1 | Jun 6, 2024 | dnsmasq 2.9 is vulnerable to Integer Overflow via forward_query. | ||
| CVE-2023-50387 | — | < 2.90-1.1 | 2.90-1.1 | Feb 14, 2024 | Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with man | ||
| CVE-2023-28450 | — | < 2.89-3.1 | 2.89-3.1 | Mar 15, 2023 | An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020. | ||
| CVE-2022-0934 | — | < 2.86-4.1 | 2.86-4.1 | Aug 29, 2022 | A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq, potentially causing a denial of service. | ||
| CVE-2021-3448 | — | < 2.86-1.1 | 2.86-1.1 | Apr 8, 2021 | A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the ran | ||
| CVE-2020-14312 | — | < 2.86-3.1 | 2.86-3.1 | Feb 5, 2021 | A flaw was found in the default configuration of dnsmasq, as shipped with Fedora versions prior to 31 and in all versions Red Hat Enterprise Linux, where it listens on any interface and accepts queries from addresses outside of its local subnet. In particular, the option `local-s | ||
| CVE-2020-25686 | — | < 2.86-1.1 | 2.86-1.1 | Jan 20, 2021 | A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 | ||
| CVE-2020-25681 | — | < 2.86-1.1 | 2.86-1.1 | Jan 20, 2021 | A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to caus | ||
| CVE-2020-25683 | — | < 2.86-1.1 | 2.86-1.1 | Jan 20, 2021 | A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap | ||
| CVE-2020-25684 | — | < 2.86-1.1 | 2.86-1.1 | Jan 20, 2021 | A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the ex | ||
| CVE-2020-25685 | — | < 2.86-1.1 | 2.86-1.1 | Jan 20, 2021 | A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is c | ||
| CVE-2019-14834 | — | < 2.86-1.1 | 2.86-1.1 | Jan 7, 2020 | A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers to cause a denial of service (memory consumption) via vectors involving DHCP response creation. |
- CVE-2026-12725Jun 22, 2026affected < 2.93-1.1fixed 2.93-1.1
A heap-based buffer overflow was found in dnsmasq. When DNSSEC validation and query logging are both enabled, logging of DS or DNSKEY replies containing unsupported algorithm or digest types can cause dnsmasq to write past the end of an internal logging buffer. A remote attacker
- affected < 2.92rel2-1.1fixed 2.92rel2-1.1
A buffer overflow in dnsmasq’s extract_addresses() function allows an attacker to trigger a heap out-of-bounds read and crash by exploiting a malformed DNS response, enabling extract_name() to advance the pointer past the record’s end.
- affected < 2.92rel2-1.1fixed 2.92rel2-1.1
An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet information.
- affected < 2.92rel2-1.1fixed 2.92rel2-1.1
A heap-based out-of-bounds write vulnerability in the DHCPv6 implementation of dnsmasq allows local attackers to execute arbitrary code with root privileges via a crafted DHCPv6 packet.
- affected < 2.92rel2-1.1fixed 2.92rel2-1.1
A heap-based out-of-bounds read vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet.
- affected < 2.92rel2-1.1fixed 2.92rel2-1.1
A Denial of Service (DoS) vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet.
- affected < 2.92rel2-1.1fixed 2.92rel2-1.1
dnsmasqs extract_name() function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS.
- affected < 2.92-3.1fixed 2.92-3.1
A flaw was found in dnsmasq. A remote attacker could exploit an out-of-bounds write vulnerability by sending a specially crafted BOOTREPLY (Bootstrap Protocol Reply) packet to a dnsmasq server configured with the `--dhcp-split-relay` option. This can lead to memory corruption, ca
- CVE-2023-49441Jun 6, 2024affected < 2.90-2.1fixed 2.90-2.1
dnsmasq 2.9 is vulnerable to Integer Overflow via forward_query.
- CVE-2023-50387Feb 14, 2024affected < 2.90-1.1fixed 2.90-1.1
Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with man
- CVE-2023-28450Mar 15, 2023affected < 2.89-3.1fixed 2.89-3.1
An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020.
- CVE-2022-0934Aug 29, 2022affected < 2.86-4.1fixed 2.86-4.1
A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq, potentially causing a denial of service.
- CVE-2021-3448Apr 8, 2021affected < 2.86-1.1fixed 2.86-1.1
A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the ran
- CVE-2020-14312Feb 5, 2021affected < 2.86-3.1fixed 2.86-3.1
A flaw was found in the default configuration of dnsmasq, as shipped with Fedora versions prior to 31 and in all versions Red Hat Enterprise Linux, where it listens on any interface and accepts queries from addresses outside of its local subnet. In particular, the option `local-s
- CVE-2020-25686Jan 20, 2021affected < 2.86-1.1fixed 2.86-1.1
A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150
- CVE-2020-25681Jan 20, 2021affected < 2.86-1.1fixed 2.86-1.1
A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to caus
- CVE-2020-25683Jan 20, 2021affected < 2.86-1.1fixed 2.86-1.1
A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap
- CVE-2020-25684Jan 20, 2021affected < 2.86-1.1fixed 2.86-1.1
A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the ex
- CVE-2020-25685Jan 20, 2021affected < 2.86-1.1fixed 2.86-1.1
A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is c
- CVE-2019-14834Jan 7, 2020affected < 2.86-1.1fixed 2.86-1.1
A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers to cause a denial of service (memory consumption) via vectors involving DHCP response creation.
Page 1 of 2