Mageia 9 dnsmasq Moderate Denial of Service and Buffer Overflow Alert

mageia

May 14, 2026

MGASA-2026-0135 - Updated dnsmasq packages fix security vulnerabilities

Summary

Description: CVE-2026-2291: dnsmasqs extract_name() function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS. CVE-2026-4890: A Denial of Service (DoS) vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet. CVE-2026-4891: A heap-based out-of-bounds read vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet. CVE-2026-4892: A heap-based out-of-bounds write vulnerability in the DHCPv6 implementation of dnsmasq allows local attackers to execute arbitrary code with root privileges via a crafted DHCPv6 packet. CVE-2026-4893: An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 787...

References

- https://bugs.mageia.org/show_bug.cgi?id=35520

- https://thekelleys.org.uk/dnsmasq/CHANGELOG

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2291

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4890

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4891

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4892

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4893

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5172

Topics Covered

security advisory denial of service buffer overflow information disclosure dnsmasq Mageia

Resolution

SRPMS

- 9/core/dnsmasq-2.92rel2-1.mga9

Severity

important

Lowest

Low

Medium

High

Critical

Publication date: 14 May 2026

URL: https://advisories.mageia.org/MGASA-2026-0135.html

Type: security

CVE: CVE-2026-2291, CVE-2026-4890, CVE-2026-4891, CVE-2026-4892, CVE-2026-4893, CVE-2026-5172

Topics Covered

security advisory denial of service buffer overflow information disclosure dnsmasq Mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Mageia 9 dnsmasq Moderate Denial of Service and Buffer Overflow Alert

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Mageia 9 dnsmasq Moderate Denial of Service and Buffer Overflow Alert

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!