dnsmasq-utils (AlmaLinux:9) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:9 package dnsmasq-utils, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (9)
CVE-2026-4892 — CVSS 8.4 (high): A heap-based out-of-bounds write vulnerability in the DHCPv6 implementation of dnsmasq allows local attackers to execute arbitrary code…
CVE-2023-28450 — CVSS 7.5 (high): An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of…
CVE-2023-50387 — CVSS 7.5 (high): Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of…
CVE-2023-50868 — CVSS 7.5 (high): The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a…
CVE-2022-0934 — CVSS 7.5 (high): A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet…
CVE-2026-4890 — CVSS 7.5 (high): A Denial of Service (DoS) vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a…
CVE-2026-2291 — CVSS 7.3 (high): dnsmasqs extract_name() function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries…
CVE-2026-4891 — CVSS 5.3 (medium): A heap-based out-of-bounds read vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via…
CVE-2026-4893 — CVSS 5.3 (medium): An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871…