Skip to main content

Dnsmasq

20 CVEs product

Monthly

CVE-2026-5172 HIGH PATCH This Week

Remote denial-of-service and limited information disclosure in dnsmasq's extract_addresses() function allows attackers controlling or able to inject DNS responses to crash the daemon by sending a malformed DNS record whose declared rdlen pushes extract_name() past the record boundary, triggering a heap out-of-bounds read. The flaw affects dnsmasq 2.93 and downstream packages from Red Hat, SUSE, Ubuntu, and Pi-hole FTL. No public exploit identified at time of analysis, EPSS exploitation probability is 0.03% (9th percentile), and CISA SSVC rates exploitation as 'none' with only partial technical impact.

Buffer Overflow Dnsmasq Information Disclosure
NVD GitHub VulDB
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-4892 HIGH PATCH This Week

Heap-based buffer overflow in dnsmasq's DHCPv6 implementation enables local attackers to execute arbitrary code with root privileges. Affects dnsmasq 2.93 (and potentially earlier 2.92 branch based on NixOS patching activity). CERT/CC issued VU#471747, and upstream published CVE-specific advisory at thekelleys.org.uk/dnsmasq/CVE/. NixOS patch activity (PR #519082, #519093) indicates real-world remediation effort. No CISA KEV listing or public POC identified at time of analysis, suggesting limited active exploitation despite high CVSS 8.4 score.

RCE Buffer Overflow Heap Overflow Dnsmasq
NVD GitHub VulDB
CVSS 3.1
8.4
EPSS
0.0%
CVE-2026-4891 MEDIUM PATCH This Month

Heap-based out-of-bounds read in dnsmasq DNSSEC validation allows remote unauthenticated attackers to trigger a denial of service by sending a crafted DNS packet. The vulnerability affects dnsmasq 2.93 and potentially earlier versions; CVSS 5.3 with network-based access vector indicates moderate severity. No public exploit code or active exploitation confirmed at time of analysis.

Denial Of Service Buffer Overflow Information Disclosure Dnsmasq
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.1%
CVE-2026-4890 HIGH PATCH This Week

Remote unauthenticated attackers can crash dnsmasq DNS servers via crafted packets exploiting DNSSEC validation logic. The vulnerability affects dnsmasq 2.93 with CVSS 7.5 (high severity). Upstream fix is available in version 2.92rel2 per NixOS packaging commits, though official vendor release status requires confirmation. No public exploit identified at time of analysis, with CERT/CC tracking (VU#471747) suggesting coordinated disclosure.

Denial Of Service Dnsmasq
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-2291 HIGH PATCH This Week

Heap buffer overflow in dnsmasq's extract_name() function allows remote attackers to write out-of-bounds on the heap, enabling DNS cache poisoning that redirects lookups to attacker-controlled IP addresses or causes denial of service. The flaw stems from a bigname namebuffer sized for wire-form domain names (MAXDNAME) instead of the larger escaped internal representation (MAXDNAME*2 + 1). EPSS is low (0.03%, 9th percentile) with no public exploit identified at time of analysis, but multiple major distributions (Red Hat, SUSE, Ubuntu) have shipped patches reflecting widespread downstream exposure.

Buffer Overflow Dnsmasq
NVD GitHub VulDB
CVSS 3.1
7.3
EPSS
0.0%
CVE-2023-28450 HIGH This Week

An issue was discovered in Dnsmasq before 2.90. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Dnsmasq
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2022-0934 HIGH PATCH This Week

A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Denial Of Service Use After Free Dnsmasq Enterprise Linux
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2021-3448 MEDIUM POC PATCH This Month

A flaw was found in dnsmasq in versions before 2.85. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Information Disclosure Dnsmasq Enterprise Linux Fedora Communications Cloud Native Core Network Function Cloud Native Environment
NVD
CVSS 3.1
4.0
EPSS
2.0%
CVE-2019-14513 HIGH POC This Week

Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Dnsmasq Debian Linux
NVD GitHub
CVSS 3.1
7.5
EPSS
1.7%
CVE-2017-14491 CRITICAL POC PATCH THREAT Act Now

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 57.8%.

Buffer Overflow Memory Corruption Denial Of Service RCE Dnsmasq +20
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
57.8%
Threat
5.2
CVE-2017-14496 HIGH POC PATCH THREAT Act Now

Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 16.9%.

Integer Overflow Denial Of Service Ubuntu Linux Debian Linux Android +5
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
16.9%
CVE-2017-14495 HIGH POC PATCH THREAT Act Now

Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 53.3%.

Denial Of Service Ubuntu Linux Debian Linux Enterprise Linux Desktop Enterprise Linux Server +2
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
53.3%
Threat
4.6
CVE-2017-14494 MEDIUM POC PATCH THREAT This Month

dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 11.0%.

Information Disclosure Ubuntu Linux Debian Linux Leap Enterprise Linux Desktop +3
NVD Exploit-DB
CVSS 3.0
5.9
EPSS
11.0%
CVE-2017-14493 CRITICAL POC PATCH Act Now

Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow RCE Denial Of Service Ubuntu Linux Debian Linux +5
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
5.3%
CVE-2017-14492 CRITICAL POC PATCH THREAT Act Now

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 92.8%.

Buffer Overflow RCE Denial Of Service Ubuntu Linux Debian Linux +4
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
92.8%
Threat
6.2
CVE-2017-13704 HIGH Act Now

In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 79.3% and no vendor patch available.

Denial Of Service Ubuntu Linux Debian Linux Fedora Leap +4
NVD
CVSS 3.0
7.5
EPSS
79.3%
CVE-2015-8899 HIGH This Week

Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Ubuntu Linux Dnsmasq
NVD
CVSS 3.0
7.5
EPSS
0.1%
CVE-2015-3294 MEDIUM POC This Month

The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Dnsmasq Solaris
NVD
CVSS 2.0
6.4
EPSS
0.2%
CVE-2013-0198 MEDIUM POC This Month

Dnsmasq before 2.66test2, when used with certain libvirt configurations, replies to queries from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Dnsmasq
NVD
CVSS 2.0
5.0
EPSS
0.1%
CVE-2012-3411 MEDIUM PATCH This Month

Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Dnsmasq Enterprise Linux Desktop Enterprise Linux Server Enterprise Linux Workstation
NVD
CVSS 2.0
5.0
EPSS
0.9%
EPSS 0% CVSS 7.3
HIGH PATCH This Week

Remote denial-of-service and limited information disclosure in dnsmasq's extract_addresses() function allows attackers controlling or able to inject DNS responses to crash the daemon by sending a malformed DNS record whose declared rdlen pushes extract_name() past the record boundary, triggering a heap out-of-bounds read. The flaw affects dnsmasq 2.93 and downstream packages from Red Hat, SUSE, Ubuntu, and Pi-hole FTL. No public exploit identified at time of analysis, EPSS exploitation probability is 0.03% (9th percentile), and CISA SSVC rates exploitation as 'none' with only partial technical impact.

Buffer Overflow Dnsmasq Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 8.4
HIGH PATCH This Week

Heap-based buffer overflow in dnsmasq's DHCPv6 implementation enables local attackers to execute arbitrary code with root privileges. Affects dnsmasq 2.93 (and potentially earlier 2.92 branch based on NixOS patching activity). CERT/CC issued VU#471747, and upstream published CVE-specific advisory at thekelleys.org.uk/dnsmasq/CVE/. NixOS patch activity (PR #519082, #519093) indicates real-world remediation effort. No CISA KEV listing or public POC identified at time of analysis, suggesting limited active exploitation despite high CVSS 8.4 score.

RCE Buffer Overflow Heap Overflow +1
NVD GitHub VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Heap-based out-of-bounds read in dnsmasq DNSSEC validation allows remote unauthenticated attackers to trigger a denial of service by sending a crafted DNS packet. The vulnerability affects dnsmasq 2.93 and potentially earlier versions; CVSS 5.3 with network-based access vector indicates moderate severity. No public exploit code or active exploitation confirmed at time of analysis.

Denial Of Service Buffer Overflow Information Disclosure +1
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Remote unauthenticated attackers can crash dnsmasq DNS servers via crafted packets exploiting DNSSEC validation logic. The vulnerability affects dnsmasq 2.93 with CVSS 7.5 (high severity). Upstream fix is available in version 2.92rel2 per NixOS packaging commits, though official vendor release status requires confirmation. No public exploit identified at time of analysis, with CERT/CC tracking (VU#471747) suggesting coordinated disclosure.

Denial Of Service Dnsmasq
NVD GitHub VulDB
EPSS 0% CVSS 7.3
HIGH PATCH This Week

Heap buffer overflow in dnsmasq's extract_name() function allows remote attackers to write out-of-bounds on the heap, enabling DNS cache poisoning that redirects lookups to attacker-controlled IP addresses or causes denial of service. The flaw stems from a bigname namebuffer sized for wire-form domain names (MAXDNAME) instead of the larger escaped internal representation (MAXDNAME*2 + 1). EPSS is low (0.03%, 9th percentile) with no public exploit identified at time of analysis, but multiple major distributions (Red Hat, SUSE, Ubuntu) have shipped patches reflecting widespread downstream exposure.

Buffer Overflow Dnsmasq
NVD GitHub VulDB
EPSS 1% CVSS 7.5
HIGH This Week

An issue was discovered in Dnsmasq before 2.90. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Dnsmasq
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Denial Of Service Use After Free +2
NVD
EPSS 2% CVSS 4.0
MEDIUM POC PATCH This Month

A flaw was found in dnsmasq in versions before 2.85. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Information Disclosure Dnsmasq Enterprise Linux +2
NVD
EPSS 2% CVSS 7.5
HIGH POC This Week

Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Dnsmasq +1
NVD GitHub
EPSS 58% 5.2 CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 57.8%.

Buffer Overflow Memory Corruption Denial Of Service +22
NVD Exploit-DB
EPSS 17% CVSS 7.5
HIGH POC PATCH THREAT Act Now

Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 16.9%.

Integer Overflow Denial Of Service Ubuntu Linux +7
NVD Exploit-DB
EPSS 53% 4.6 CVSS 7.5
HIGH POC PATCH THREAT Act Now

Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 53.3%.

Denial Of Service Ubuntu Linux Debian Linux +4
NVD Exploit-DB
EPSS 11% CVSS 5.9
MEDIUM POC PATCH THREAT This Month

dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 11.0%.

Information Disclosure Ubuntu Linux Debian Linux +5
NVD Exploit-DB
EPSS 5% CVSS 9.8
CRITICAL POC PATCH Act Now

Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow RCE Denial Of Service +7
NVD Exploit-DB
EPSS 93% 6.2 CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 92.8%.

Buffer Overflow RCE Denial Of Service +6
NVD Exploit-DB
EPSS 79% CVSS 7.5
HIGH Act Now

In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 79.3% and no vendor patch available.

Denial Of Service Ubuntu Linux Debian Linux +6
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Ubuntu Linux Dnsmasq
NVD
EPSS 0% CVSS 6.4
MEDIUM POC This Month

The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Dnsmasq +1
NVD
EPSS 0% CVSS 5.0
MEDIUM POC This Month

Dnsmasq before 2.66test2, when used with certain libvirt configurations, replies to queries from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Dnsmasq
NVD
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Dnsmasq Enterprise Linux Desktop +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy