OESA-2026-2964

Source
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2026-2964
Import Source
https://repo.openeuler.org/security/data/osv/OESA-2026-2964.json
JSON Data
https://api.osv.dev/v1/vulns/OESA-2026-2964
Upstream
  • CVE-2026-12725
Published
2026-07-09T12:54:51Z
Modified
2026-07-14T08:15:14.947489135Z
Summary
dnsmasq security update
Details

Dnsmasq provides network infrastructure for small networks: DNS, DHCP, router advertisement and network boot. It is designed to be lightweight and have a small footprint, suitable for resource constrained routers and firewalls. It has also been widely used for tethering on smartphones and portable hotspots, and to support virtual networking in virtualisation frameworks.

Security Fix(es):

A heap-based buffer overflow was found in dnsmasq. When DNSSEC validation and query logging are both enabled, logging of DS or DNSKEY replies containing unsupported algorithm or digest types can cause dnsmasq to write past the end of an internal logging buffer. A remote attacker able to supply such a DNS response may crash the dnsmasq process, resulting in denial of service.(CVE-2026-12725)

Database specific
{
    "severity": "Medium"
}
References

Affected packages

openEuler:20.03-LTS-SP4 / dnsmasq

Package

Name
dnsmasq
Purl
pkg:rpm/openEuler/dnsmasq&distro=openEuler-20.03-LTS-SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.82-22.oe2003sp4

Ecosystem specific

{
    "x86_64": [
        "dnsmasq-2.82-22.oe2003sp4.x86_64.rpm",
        "dnsmasq-debuginfo-2.82-22.oe2003sp4.x86_64.rpm",
        "dnsmasq-debugsource-2.82-22.oe2003sp4.x86_64.rpm",
        "dnsmasq-help-2.82-22.oe2003sp4.x86_64.rpm"
    ],
    "src": [
        "dnsmasq-2.82-22.oe2003sp4.src.rpm"
    ],
    "aarch64": [
        "dnsmasq-2.82-22.oe2003sp4.aarch64.rpm",
        "dnsmasq-debuginfo-2.82-22.oe2003sp4.aarch64.rpm",
        "dnsmasq-debugsource-2.82-22.oe2003sp4.aarch64.rpm",
        "dnsmasq-help-2.82-22.oe2003sp4.aarch64.rpm"
    ]
}

Database specific

source
"https://repo.openeuler.org/security/data/osv/OESA-2026-2964.json"