Thekelleys Dnsmasq vulnerabilities
44 known vulnerabilities affecting thekelleys/dnsmasq.
Total CVEs: 44
CISA KEV: 0
Public exploits: 9
Exploited in wild: 0
Severity breakdown: CRITICAL 10, HIGH 16, MEDIUM 14, LOW 4
Vulnerabilities
Page 2 of 3
CVE-2021-45956 | P3 | CRITICAL | CVSS 9.8 | v2.86 | 2022-01-01
Dnsmasq 2.86 has a heap-based buffer overflow in print_mac (called from log_packet and dhcp_reply). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge."
nvd
CVE-2021-45953 | P3 | CRITICAL | CVSS 9.8 | v2.86 | 2022-01-01
Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from hash_questions and fuzz_util.c). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge."
nvd
CVE-2021-45957 | P3 | CRITICAL | CVSS 9.8 | v2.86 | 2022-01-01
Dnsmasq 2.86 has a heap-based buffer overflow in answer_request (called from FuzzAnswerTheRequest and fuzz_rfc1035.c). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge."
nvd
CVE-2022-0934 | P3 | HIGH | CVSS 7.5 | CWE-416 | fixed in 2.87 | vNot-Known | 2022-08-29
A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq, potentially causing a denial of service.
nvd, osv
CVE-2019-14513 | P3 | HIGH | CVSS 7.5 | fixed in 2.76 | 2019-08-01
Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a different vulnerability than CVE-2017-14491.
nvd, osv
CVE-2017-15107 | P3 | HIGH | CVSS 7.5 | CWE-358 | ≤ 2.78 | 2018-01-23
A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. Wildcard synthesized NSEC records could be improperly interpreted to prove the non-existence of hostnames that actually exist.
nvd, osv
CVE-2023-49441 | P3 | HIGH | CVSS 7.5 | CWE-190 | v2.9 | 2024-06-06
dnsmasq 2.9 is vulnerable to Integer Overflow via forward_query.
nvd, osv
CVE-2023-28450 | P3 | HIGH | CVSS 7.5 | fixed in 2.90 | 2023-03-15
An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020.
nvd, osv
CVE-2008-3214 | P4 | HIGH | CVSS 7.8 | CWE-20 | v2.25 | 2008-07-18
dnsmasq 2.25 allows remote attackers to cause a denial of service (daemon crash) by (1) renewing a nonexistent lease or (2) sending a DHCPREQUEST for an IP address that is not in the same network, related to the DHCP NAK response from the daemon.
nvd, osv
CVE-2015-8899 | P4 | HIGH | CVSS 7.5 | CWE-20 | ≤ 2.75 | 2016-06-30
Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally.
nvd, osv
CVE-2005-0877 | P4 | HIGH | CVSS 7.5 | CWE-346 | fixed in 2.21 | 2005-05-02
Dnsmasq before 2.21 allows remote attackers to poison the DNS cache via answers to queries that were not made by Dnsmasq.
nvd, osv
CVE-2015-3294 | P4 | MEDIUM | CVSS 6.4 | CWE-19 | ≤ 2.73 | 2015-05-08
The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.
nvd, osv
CVE-2020-14312 | P4 | MEDIUM | CVSS 5.9 | ≥ 0, < 2.69-1 | 2021-02-06
A flaw was found in the default configuration of dnsmasq, as shipped with Fedora versions prior to 31 and in all versions Red Hat Enterprise Linux, where it listens on any interface and accepts queries from addresses outside of its local subnet. In particular, the option `local-service` is not enabled. Runni
osv
CVE-2012-3411 | P4 | MEDIUM | CVSS 5.0 | CWE-20 | ≤ 2.62 | 2013-03-05
Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed DNS query.
nvd, osv
CVE-2021-3448 | P4 | MEDIUM | CVSS 4.0 | CWE-358 | fixed in 2.85 | vdnsmasq 2.85 | 2021-04-08
A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ID to forge a reply and get it accepted by dnsmasq. This
nvd, osv
CVE-2020-25686 | P4 | LOW | CVSS 3.7 | fixed in 2.83 | 2021-01-20
A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to
nvd, osv
CVE-2013-0198 | P4 | MEDIUM | CVSS 5.0 | ≤ 2.65 | 2013-03-05
Dnsmasq before 2.66test2, when used with certain libvirt configurations, replies to queries from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic amplification) via spoofed TCP based DNS queries. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3411.
nvd, osv
CVE-2020-25684 | P4 | LOW | CVSS 3.7 | CWE-358 | fixed in 2.83 | vdnsmasq 2.83 | 2021-01-20
A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an atta
nvd, osv
CVE-2008-3350 | P4 | HIGH | CVSS 7.8 | ≥ 0, < 2.44-1 | 2008-07-28
dnsmasq 2.43 allows remote attackers to cause a denial of service (daemon crash) by (1) sending a DHCPINFORM while lacking a DHCP lease, or (2) attempting to renew a nonexistent DHCP lease for an invalid subnet as an "unknown client," a different vulnerability than CVE-2008-3214.
osv
CVE-2020-37127 | P4 | MEDIUM | CVSS 6.9 | ≥ 0, < 2.80-1 | 2026-02-05
Dnsmasq-utils 2.79-1 contains a buffer overflow vulnerability in the dhcp_release utility that allows attackers to cause a denial of service by supplying excessive input. Attackers can trigger a core dump and terminate the dhcp_release process by sending a crafted input string longer than 16 characters.
osv