Primary

Context

Dnsmasq-Utils Buffer Overflow Vulnerability in DHCP Release Utility Allowing Denial-of-Service

Vulnerability

A buffer overflow vulnerability has been identified in the dnsmasq-utils package version 2.79-1, specifically within the dhcp_release utility. This vulnerability allows attackers to cause a denial-of-service condition by sending excessively long input strings, exceeding 16 characters. The exploitation of this vulnerability leads to a core dump and terminates the dhcp_release process.

Impact

Exploitation of this vulnerability causes a denial-of-service condition by terminating the dhcp_release process and generating a core dump.

Reproduction

The vulnerability can be reproduced by using the dhcp_release utility and supplying a crafted input string longer than 16 characters. This can be automated with a Python script that increments the string length until the buffer overflow is detected, indicated by the process being terminated and a core dump being generated.

Added: Feb 5, 2026, 5:47 PM

Updated: Feb 5, 2026, 9:29 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

4.6

remediation

0.0

relevance

2.8

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

4.6

remediation

0.0

relevance

2.8

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Dnsmasq-Utils Buffer Overflow Vulnerability in DHCP Release Utility Allowing Denial-of-Service

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating