GHSA-57vp-ffx7-7gm6HighCVSS 7.3

A buffer overflow in dnsmasq’s extract_addresses() function allows an attacker to trigger a heap...

Published
May 11, 2026
Last Modified
June 30, 2026

🔗 CVE IDs covered (1)

📋 Description

A buffer overflow in dnsmasq’s extract_addresses() function allows an attacker to trigger a heap out-of-bounds read and crash by exploiting a malformed DNS response, enabling extract_name() to advance the pointer past the record’s end.

🔗 References (13)