Nixpkgs security tracker

Login with GitHub

Suggestions search

All statuses
Filter by:
With package: dnsmasq

Found 9 matching suggestions

View:
Compact
Detailed
Untriaged
Permalink CVE-2026-12969
5.3 MEDIUM
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): None (N)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): Low (L)
  • Integrity (I): None (N)
  • Availability (A): None (N)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): Low (L)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): None (N)
  • Modified Availability (MA): None (N)
created 2 days, 19 hours ago Activity log
  • Created suggestion 2 days, 19 hours ago
Dnsmasq: dnsmasq: out-of-bounds read in find_soa() due to missing extrabytes validation

An out-of-bounds read vulnerability exists in dnsmasq's find_soa() function in src/rfc1035.c. When parsing NS section records, extract_name() is called with extrabytes=0, failing to validate that 10 additional bytes exist for fixed-length DNS record fields. A remote attacker controlling a DNS zone can exploit this via a crafted NXDOMAIN response to cause a 10-byte heap out-of-bounds read, potentially accessing stale data from prior transactions.

References

Affected products

rhcos
dnsmasq

Matching in nixpkgs

Package maintainers

Untriaged
Permalink CVE-2026-12725
5.9 MEDIUM
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): High (H)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): None (N)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): None (N)
  • Integrity (I): None (N)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): High (H)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): None (N)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): None (N)
  • Modified Availability (MA): High (H)
updated 3 days, 15 hours ago by @LeSuisse Activity log
  • Created suggestion 3 days, 19 hours ago
  • @LeSuisse ignored package prometheus-dnsmasq-exporter 3 days, 15 hours ago
Dnsmasq: dnsmasq: heap buffer overflow in log_query() when logging unsupported ds/dnskey replies

A heap-based buffer overflow was found in dnsmasq. When DNSSEC validation and query logging are both enabled, logging of DS or DNSKEY replies containing unsupported algorithm or digest types can cause dnsmasq to write past the end of an internal logging buffer. A remote attacker able to supply such a DNS response may crash the dnsmasq process, resulting in denial of service.

References

Affected products

rhcos
dnsmasq

Matching in nixpkgs

Ignored packages (1)

Package maintainers

Published
Permalink CVE-2026-4893
5.3 MEDIUM
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): None (N)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): Low (L)
  • Integrity (I): None (N)
  • Availability (A): None (N)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): Low (L)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): None (N)
  • Modified Availability (MA): None (N)
updated 1 month, 2 weeks ago by @LeSuisse Activity log
  • Created suggestion 1 month, 2 weeks ago
  • @LeSuisse ignored
    2 references
    1 month, 2 weeks ago
  • @LeSuisse ignored package prometheus-dnsmasq-exporter 1 month, 2 weeks ago
  • @LeSuisse accepted 1 month, 2 weeks ago
  • @LeSuisse ignored maintainer @fpletz 1 month, 2 weeks ago maintainer.ignore
  • @LeSuisse published on GitHub 1 month, 2 weeks ago
CVE-2026-4893

An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet information.

Affected products

dnsmasq
  • ==2.92rel2

Matching in nixpkgs

pkgs.dnsmasq

Integrated DNS, DHCP and TFTP server for small networks

  • nixos-unstable 2.92
    • nixpkgs-unstable 2.92
    • nixos-unstable-small 2.92
Ignored packages (1)

Package maintainers

Ignored maintainers (1)
Published
Permalink CVE-2026-5172
updated 1 month, 2 weeks ago by @LeSuisse Activity log
  • Created suggestion 1 month, 2 weeks ago
  • @LeSuisse ignored
    2 references
    1 month, 2 weeks ago
  • @LeSuisse ignored package prometheus-dnsmasq-exporter 1 month, 2 weeks ago
  • @LeSuisse ignored maintainer @fpletz 1 month, 2 weeks ago maintainer.ignore
  • @LeSuisse accepted 1 month, 2 weeks ago
  • @LeSuisse published on GitHub 1 month, 2 weeks ago
CVE-2026-5172

A buffer overflow in dnsmasq’s extract_addresses() function allows an attacker to trigger a heap out-of-bounds read and crash by exploiting a malformed DNS response, enabling extract_name() to advance the pointer past the record’s end.

Affected products

dnsmasq
  • ==2.92rel2

Matching in nixpkgs

pkgs.dnsmasq

Integrated DNS, DHCP and TFTP server for small networks

  • nixos-unstable 2.92
    • nixpkgs-unstable 2.92
    • nixos-unstable-small 2.92
Ignored packages (1)

Package maintainers

Ignored maintainers (1)
Published
Permalink CVE-2026-2291
updated 1 month, 2 weeks ago by @LeSuisse Activity log
CVE-2026-2291

dnsmasqs extract_name() function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS.

Affected products

dnsmasq
  • ==2.92rel2

Matching in nixpkgs

pkgs.dnsmasq

Integrated DNS, DHCP and TFTP server for small networks

  • nixos-unstable 2.92
    • nixpkgs-unstable 2.92
    • nixos-unstable-small 2.92
Ignored packages (1)

Package maintainers

Ignored maintainers (1)
Published
Permalink CVE-2026-4892
8.4 HIGH
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): None (N)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): High (H)
  • Integrity (I): High (H)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): High (H)
  • Modified Availability (MA): High (H)
updated 1 month, 2 weeks ago by @LeSuisse Activity log
CVE-2026-4892

A heap-based out-of-bounds write vulnerability in the DHCPv6 implementation of dnsmasq allows local attackers to execute arbitrary code with root privileges via a crafted DHCPv6 packet.

Affected products

dnsmasq
  • ==2.92rel2

Matching in nixpkgs

pkgs.dnsmasq

Integrated DNS, DHCP and TFTP server for small networks

  • nixos-unstable 2.92
    • nixpkgs-unstable 2.92
    • nixos-unstable-small 2.92
Ignored packages (1)

Package maintainers

Ignored maintainers (1)
Published
Permalink CVE-2026-4891
5.3 MEDIUM
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): None (N)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): Low (L)
  • Integrity (I): None (N)
  • Availability (A): None (N)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): Low (L)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): None (N)
  • Modified Availability (MA): None (N)
updated 1 month, 2 weeks ago by @LeSuisse Activity log
  • Created suggestion 1 month, 2 weeks ago
  • @LeSuisse ignored package prometheus-dnsmasq-exporter 1 month, 2 weeks ago
  • @LeSuisse ignored maintainer @fpletz 1 month, 2 weeks ago maintainer.ignore
  • @LeSuisse ignored
    2 references
    1 month, 2 weeks ago
  • @LeSuisse accepted 1 month, 2 weeks ago
  • @LeSuisse published on GitHub 1 month, 2 weeks ago
CVE-2026-4891

A heap-based out-of-bounds read vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet.

Affected products

dnsmasq
  • ==2.92rel2

Matching in nixpkgs

pkgs.dnsmasq

Integrated DNS, DHCP and TFTP server for small networks

  • nixos-unstable 2.92
    • nixpkgs-unstable 2.92
    • nixos-unstable-small 2.92
Ignored packages (1)

Package maintainers

Ignored maintainers (1)
Published
Permalink CVE-2026-4890
7.5 HIGH
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): None (N)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): None (N)
  • Integrity (I): None (N)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): None (N)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): None (N)
  • Modified Availability (MA): High (H)
updated 1 month, 2 weeks ago by @LeSuisse Activity log
  • Created suggestion 1 month, 2 weeks ago
  • @LeSuisse ignored
    2 references
    1 month, 2 weeks ago
  • @LeSuisse ignored package prometheus-dnsmasq-exporter 1 month, 2 weeks ago
  • @LeSuisse ignored maintainer @fpletz 1 month, 2 weeks ago maintainer.ignore
  • @LeSuisse accepted 1 month, 2 weeks ago
  • @LeSuisse published on GitHub 1 month, 2 weeks ago
CVE-2026-4890

A Denial of Service (DoS) vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet.

Affected products

dnsmasq
  • ==2.92rel2

Matching in nixpkgs

pkgs.dnsmasq

Integrated DNS, DHCP and TFTP server for small networks

  • nixos-unstable 2.92
    • nixpkgs-unstable 2.92
    • nixos-unstable-small 2.92
Ignored packages (1)

Package maintainers

Ignored maintainers (1)
Published
Permalink CVE-2026-6507
7.5 HIGH
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): None (N)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): None (N)
  • Integrity (I): None (N)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): None (N)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): None (N)
  • Modified Availability (MA): High (H)
updated 2 months, 1 week ago by @LeSuisse Activity log
  • Created suggestion 2 months, 1 week ago
  • @LeSuisse ignored package prometheus-dnsmasq-exporter 2 months, 1 week ago
  • @LeSuisse accepted 2 months, 1 week ago
  • @LeSuisse published on GitHub 2 months, 1 week ago
Dnsmasq: dnsmasq: denial of service due to out-of-bounds write in dhcp bootreply processing

A flaw was found in dnsmasq. A remote attacker could exploit an out-of-bounds write vulnerability by sending a specially crafted BOOTREPLY (Bootstrap Protocol Reply) packet to a dnsmasq server configured with the `--dhcp-split-relay` option. This can lead to memory corruption, causing the dnsmasq daemon to crash and resulting in a denial of service (DoS).

References

Affected products

rhcos
dnsmasq

Matching in nixpkgs

pkgs.dnsmasq

Integrated DNS, DHCP and TFTP server for small networks

  • nixos-unstable 2.92
    • nixpkgs-unstable 2.92
    • nixos-unstable-small 2.92
Ignored packages (1)

Package maintainers