Suggestions search

Untriaged

Filter by:

With package: dnsmasq

Found 2 matching suggestions

View:

Compact

Detailed

Permalink CVE-2026-12969

5.3 MEDIUM

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): Low (L)
Integrity (I): None (N)
Availability (A): None (N)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): Low (L)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): None (N)
Modified Availability (MA): None (N)

created 2 days, 20 hours ago Activity log

Created suggestion 2 days, 20 hours ago

Dnsmasq: dnsmasq: out-of-bounds read in find_soa() due to missing extrabytes validation

An out-of-bounds read vulnerability exists in dnsmasq's find_soa() function in src/rfc1035.c. When parsing NS section records, extract_name() is called with extrabytes=0, failing to validate that 10 additional bytes exist for fixed-length DNS record fields. A remote attacker controlling a DNS zone can exploit this via a crafted NXDOMAIN response to cause a 10-byte heap out-of-bounds read, potentially accessing stale data from prior transactions.

References

https://access.redhat.com/security/cve/CVE-2026-12969 x_refsource_REDHATvdb-entry
RHBZ#2491663 issue-trackingx_refsource_REDHAT

Affected products

rhcos

dnsmasq

Matching in nixpkgs

pkgs.dnsmasq

Integrated DNS, DHCP and TFTP server for small networks

nixos-unstable 2.92rel2
- nixpkgs-unstable 2.92rel2
- nixos-unstable-small 2.92rel2
nixos-26.05 2.92rel2
- nixos-26.05-small 2.92rel2
- nixpkgs-26.05-darwin 2.92rel2

pkgs.prometheus-dnsmasq-exporter

Dnsmasq exporter for Prometheus

nixos-unstable 0.3.0
- nixpkgs-unstable 0.3.0
- nixos-unstable-small 0.3.0
nixos-26.05 0.3.0
- nixos-26.05-small 0.3.0
- nixpkgs-26.05-darwin 0.3.0

Package maintainers

@fpletz Franz Pletz <fpletz@fnordicwalking.de>
@globin Robin Gloster <mail@glob.in>

Permalink CVE-2026-12725

5.9 MEDIUM

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): High (H)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): None (N)
Integrity (I): None (N)
Availability (A): High (H)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): High (H)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): None (N)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): None (N)
Modified Availability (MA): High (H)

updated 3 days, 16 hours ago by @LeSuisse Activity log

Created suggestion 3 days, 20 hours ago
@LeSuisse ignored package prometheus-dnsmasq-exporter 3 days, 16 hours ago

Dnsmasq: dnsmasq: heap buffer overflow in log_query() when logging unsupported ds/dnskey replies

A heap-based buffer overflow was found in dnsmasq. When DNSSEC validation and query logging are both enabled, logging of DS or DNSKEY replies containing unsupported algorithm or digest types can cause dnsmasq to write past the end of an internal logging buffer. A remote attacker able to supply such a DNS response may crash the dnsmasq process, resulting in denial of service.