Primary

Context

dnsmasq Heap-Based Out-of-Bounds Write Vulnerability in DHCPv6 Implementation Allowing Arbitrary Code Execution with Root Privileges

Vulnerability

Patched

A heap-based out-of-bounds write vulnerability has been identified in the DHCPv6 implementation of dnsmasq, an open-source networking tool that provides DNS forwarding, DHCP, and network boot services. This vulnerability allows local attackers to execute arbitrary code with root privileges by sending a crafted DHCPv6 packet. The issue arises from improper handling of memory, leading to potential exploitation by manipulating DHCPv6 traffic.

Impact

Exploitation of this vulnerability allows local attackers to execute arbitrary code as root on the affected system.

Remediation

dnsmasq has released version 2.92rel2 to address this vulnerability. Users are advised to update to this version.

Added: May 11, 2026, 6:57 PM

Updated: May 11, 2026, 6:57 PM

Vulnerability Rating

Custom Algorithm

spread

8.1

impact

7.5

exploitability

5.0

remediation

7.7

relevance

8.0

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.1

impact

7.5

exploitability

5.0

remediation

7.7

relevance

8.0

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

dnsmasq Heap-Based Out-of-Bounds Write Vulnerability in DHCPv6 Implementation Allowing Arbitrary Code Execution with Root Privileges

Vulnerability

Impact

Remediation

Affected Products

dnsmasq

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating