{"schema_version":"1.7.2","id":"OESA-2026-2435","modified":"2026-05-22T13:22:03Z","published":"2026-05-22T13:22:03Z","upstream":["CVE-2026-2291","CVE-2026-4890","CVE-2026-4891","CVE-2026-4892","CVE-2026-4893","CVE-2026-5172"],"summary":"dnsmasq security update","details":"Dnsmasq provides network infrastructure for small networks: DNS, DHCP, router advertisement and network boot. It is designed to be lightweight and have a small footprint, suitable for resource constrained routers and firewalls. It has also been widely used for tethering on smartphones and portable hotspots, and to support virtual networking in virtualisation frameworks.\r\n\r\nSecurity Fix(es):\n\ndnsmasqs extract_name() function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS.(CVE-2026-2291)\n\nA Denial of Service (DoS) vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet.(CVE-2026-4890)\n\nA heap-based out-of-bounds read vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet.(CVE-2026-4891)\n\nA heap-based out-of-bounds write vulnerability in the DHCPv6 implementation of dnsmasq allows local attackers to execute arbitrary code with root privileges via a crafted DHCPv6 packet.(CVE-2026-4892)\n\nAn information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet information.(CVE-2026-4893)\n\nA buffer overflow in dnsmasq’s extract_addresses() function allows an attacker to trigger a heap out-of-bounds read and crash by exploiting a malformed DNS response, enabling extract_name() to advance the pointer past the record’s end.(CVE-2026-5172)","affected":[{"package":{"ecosystem":"openEuler:24.03-LTS","name":"dnsmasq","purl":"pkg:rpm/openEuler/dnsmasq&distro=openEuler-24.03-LTS"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.90-8.oe2403"}]}],"ecosystem_specific":{"aarch64":["dnsmasq-2.90-8.oe2403.aarch64.rpm","dnsmasq-debuginfo-2.90-8.oe2403.aarch64.rpm","dnsmasq-debugsource-2.90-8.oe2403.aarch64.rpm","dnsmasq-help-2.90-8.oe2403.aarch64.rpm"],"src":["dnsmasq-2.90-8.oe2403.src.rpm"],"x86_64":["dnsmasq-2.90-8.oe2403.x86_64.rpm","dnsmasq-debuginfo-2.90-8.oe2403.x86_64.rpm","dnsmasq-debugsource-2.90-8.oe2403.x86_64.rpm","dnsmasq-help-2.90-8.oe2403.x86_64.rpm"]}}],"references":[{"type":"ADVISORY","url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2435"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-2291"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-4890"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-4891"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-4892"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-4893"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-5172"}],"database_specific":{"severity":"Critical"}}