CLSA-2026-1779455055

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1779455055.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2026-1779455055
Upstream
  • CVE-2026-2291
  • CVE-2026-4890
  • CVE-2026-4891
  • CVE-2026-4892
  • CVE-2026-4893
Published
2026-05-22T13:04:19Z
Modified
2026-06-01T00:32:34.283446845Z
Summary
dnsmasq: Fix of 5 CVEs
Details
  • CVE-2026-2291: heap OOB write via undersized union bigname buffer
  • CVE-2026-4890: dnssec NSEC bitmap parsing infinite loop
  • CVE-2026-4891: dnssec missing rdlen validation in RRSIG records
  • CVE-2026-4892: helper buffer overflow with large DHCPv6 CLIDs
  • CVE-2026-4893: broken client subnet validation in process_reply
References

Affected packages

TuxCare:AlmaLinux:9.2 / dnsmasq

Package

Name
dnsmasq
Purl
pkg:rpm/tuxcare/dnsmasq?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.85-6.el9_2.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1779455055.json"

TuxCare:AlmaLinux:9.2 / dnsmasq-utils

Package

Name
dnsmasq-utils
Purl
pkg:rpm/tuxcare/dnsmasq-utils?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.85-6.el9_2.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1779455055.json"