OESA-2026-2966

Source
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2026-2966
Import Source
https://repo.openeuler.org/security/data/osv/OESA-2026-2966.json
JSON Data
https://api.test.osv.dev/v1/vulns/OESA-2026-2966
Upstream
  • CVE-2026-12725
  • CVE-2026-12969
Published
2026-07-09T12:54:55Z
Modified
2026-07-14T08:15:11.522157974Z
Summary
dnsmasq security update
Details

Dnsmasq provides network infrastructure for small networks: DNS, DHCP, router advertisement and network boot. It is designed to be lightweight and have a small footprint, suitable for resource constrained routers and firewalls. It has also been widely used for tethering on smartphones and portable hotspots, and to support virtual networking in virtualisation frameworks.

Security Fix(es):

A heap-based buffer overflow was found in dnsmasq. When DNSSEC validation and query logging are both enabled, logging of DS or DNSKEY replies containing unsupported algorithm or digest types can cause dnsmasq to write past the end of an internal logging buffer. A remote attacker able to supply such a DNS response may crash the dnsmasq process, resulting in denial of service.(CVE-2026-12725)

An out-of-bounds read vulnerability exists in dnsmasq's findsoa() function in src/rfc1035.c. When parsing NS section records, extractname() is called with extrabytes=0, failing to validate that 10 additional bytes exist for fixed-length DNS record fields. A remote attacker controlling a DNS zone can exploit this via a crafted NXDOMAIN response to cause a 10-byte heap out-of-bounds read, potentially accessing stale data from prior transactions.(CVE-2026-12969)

Database specific
{
    "severity": "Medium"
}
References

Affected packages

openEuler:24.03-LTS-SP1 / dnsmasq

Package

Name
dnsmasq
Purl
pkg:rpm/openEuler/dnsmasq&distro=openEuler-24.03-LTS-SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.90-11.oe2403sp1

Ecosystem specific

{
    "src": [
        "dnsmasq-2.90-11.oe2403sp1.src.rpm"
    ],
    "x86_64": [
        "dnsmasq-2.90-11.oe2403sp1.x86_64.rpm",
        "dnsmasq-debuginfo-2.90-11.oe2403sp1.x86_64.rpm",
        "dnsmasq-debugsource-2.90-11.oe2403sp1.x86_64.rpm",
        "dnsmasq-help-2.90-11.oe2403sp1.x86_64.rpm"
    ],
    "aarch64": [
        "dnsmasq-2.90-11.oe2403sp1.aarch64.rpm",
        "dnsmasq-debuginfo-2.90-11.oe2403sp1.aarch64.rpm",
        "dnsmasq-debugsource-2.90-11.oe2403sp1.aarch64.rpm",
        "dnsmasq-help-2.90-11.oe2403sp1.aarch64.rpm"
    ]
}

Database specific

source
"https://repo.openeuler.org/security/data/osv/OESA-2026-2966.json"