OESA-2026-2965

Source
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2026-2965
Import Source
https://repo.openeuler.org/security/data/osv/OESA-2026-2965.json
JSON Data
https://api.test.osv.dev/v1/vulns/OESA-2026-2965
Upstream
  • CVE-2026-12725
Published
2026-07-09T12:54:53Z
Modified
2026-07-14T08:15:09.838227450Z
Summary
dnsmasq security update
Details

Dnsmasq provides network infrastructure for small networks: DNS, DHCP, router advertisement and network boot. It is designed to be lightweight and have a small footprint, suitable for resource constrained routers and firewalls. It has also been widely used for tethering on smartphones and portable hotspots, and to support virtual networking in virtualisation frameworks.

Security Fix(es):

A heap-based buffer overflow was found in dnsmasq. When DNSSEC validation and query logging are both enabled, logging of DS or DNSKEY replies containing unsupported algorithm or digest types can cause dnsmasq to write past the end of an internal logging buffer. A remote attacker able to supply such a DNS response may crash the dnsmasq process, resulting in denial of service.(CVE-2026-12725)

Database specific
{
    "severity": "Medium"
}
References

Affected packages

openEuler:22.03-LTS-SP4 / dnsmasq

Package

Name
dnsmasq
Purl
pkg:rpm/openEuler/dnsmasq&distro=openEuler-22.03-LTS-SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.86-16.oe2203sp4

Ecosystem specific

{
    "src": [
        "dnsmasq-2.86-16.oe2203sp4.src.rpm"
    ],
    "x86_64": [
        "dnsmasq-2.86-16.oe2203sp4.x86_64.rpm",
        "dnsmasq-debuginfo-2.86-16.oe2203sp4.x86_64.rpm",
        "dnsmasq-debugsource-2.86-16.oe2203sp4.x86_64.rpm",
        "dnsmasq-help-2.86-16.oe2203sp4.x86_64.rpm"
    ],
    "aarch64": [
        "dnsmasq-2.86-16.oe2203sp4.aarch64.rpm",
        "dnsmasq-debuginfo-2.86-16.oe2203sp4.aarch64.rpm",
        "dnsmasq-debugsource-2.86-16.oe2203sp4.aarch64.rpm",
        "dnsmasq-help-2.86-16.oe2203sp4.aarch64.rpm"
    ]
}

Database specific

source
"https://repo.openeuler.org/security/data/osv/OESA-2026-2965.json"