UBUNTU-CVE-2025-12200

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2025-12200

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-12200.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2025-12200

Upstream

CVE-2025-12200

Published

2025-10-27T01:15:00Z

Modified

2026-05-26T20:00:12.490382130Z

Severity

3.3 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVSS Calculator
4.4 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
1.9 (Low) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P CVSS Calculator
Ubuntu - medium

Summary

[none]

Details

Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Based on the analysis by MITRE and review of community feedback, the reported conditions represent expected and intentional behavior within dnsmasq's documented design, rather than security vulnerabilities.

References

Affected packages

Ubuntu:22.04:LTS

dnsmasq

Package

Name: dnsmasq
Purl: pkg:deb/ubuntu/dnsmasq?arch=source&distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.85-1ubuntu2

2.86-1.1

2.86-1.1ubuntu0.1

2.86-1.1ubuntu0.2

2.86-1.1ubuntu0.3

2.86-1.1ubuntu0.4

2.86-1.1ubuntu0.5

2.90-0ubuntu0.22.04.1

2.90-0ubuntu0.22.04.3

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "dnsmasq",
            "binary_version": "2.90-0ubuntu0.22.04.3"
        },
        {
            "binary_name": "dnsmasq-base",
            "binary_version": "2.90-0ubuntu0.22.04.3"
        },
        {
            "binary_name": "dnsmasq-base-lua",
            "binary_version": "2.90-0ubuntu0.22.04.3"
        },
        {
            "binary_name": "dnsmasq-utils",
            "binary_version": "2.90-0ubuntu0.22.04.3"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-12200.json"

Ubuntu:24.04:LTS

dnsmasq

Package

Name: dnsmasq
Purl: pkg:deb/ubuntu/dnsmasq?arch=source&distro=noble

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.89-1

2.90-2

2.90-2build1

2.90-2build2

2.90-2ubuntu0.1

2.90-2ubuntu0.3

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "dnsmasq",
            "binary_version": "2.90-2ubuntu0.3"
        },
        {
            "binary_name": "dnsmasq-base",
            "binary_version": "2.90-2ubuntu0.3"
        },
        {
            "binary_name": "dnsmasq-base-lua",
            "binary_version": "2.90-2ubuntu0.3"
        },
        {
            "binary_name": "dnsmasq-utils",
            "binary_version": "2.90-2ubuntu0.3"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-12200.json"

Ubuntu:25.10

dnsmasq

Package

Name: dnsmasq
Purl: pkg:deb/ubuntu/dnsmasq?arch=source&distro=questing

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.91-1

2.91-1build1

2.91-1ubuntu0.2

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "dnsmasq",
            "binary_version": "2.91-1ubuntu0.2"
        },
        {
            "binary_name": "dnsmasq-base",
            "binary_version": "2.91-1ubuntu0.2"
        },
        {
            "binary_name": "dnsmasq-base-lua",
            "binary_version": "2.91-1ubuntu0.2"
        },
        {
            "binary_name": "dnsmasq-utils",
            "binary_version": "2.91-1ubuntu0.2"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-12200.json"

Ubuntu:Pro:14.04:LTS

dnsmasq

Package

Name: dnsmasq
Purl: pkg:deb/ubuntu/dnsmasq?arch=source&distro=esm-infra-legacy%2Ftrusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.66-4ubuntu1

2.67-1

2.68-1

2.68-1ubuntu0.1

2.68-1ubuntu0.2

2.68-1ubuntu0.2+esm1

2.68-1ubuntu0.2+esm2

2.68-1ubuntu0.2+esm3

2.68-1ubuntu0.2+esm5

2.68-1ubuntu0.2+esm6

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "dnsmasq",
            "binary_version": "2.68-1ubuntu0.2+esm6"
        },
        {
            "binary_name": "dnsmasq-base",
            "binary_version": "2.68-1ubuntu0.2+esm6"
        },
        {
            "binary_name": "dnsmasq-utils",
            "binary_version": "2.68-1ubuntu0.2+esm6"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-12200.json"

Ubuntu:Pro:16.04:LTS

dnsmasq

Package

Name: dnsmasq
Purl: pkg:deb/ubuntu/dnsmasq?arch=source&distro=esm-infra%2Fxenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.75-1

2.75-1ubuntu0.16.04.1

2.75-1ubuntu0.16.04.2

2.75-1ubuntu0.16.04.3

2.75-1ubuntu0.16.04.4

2.75-1ubuntu0.16.04.5

2.75-1ubuntu0.16.04.7

2.75-1ubuntu0.16.04.8

2.75-1ubuntu0.16.04.10

2.75-1ubuntu0.16.04.10+esm1

2.79-1ubuntu0.16.04.1+esm1

2.79-1ubuntu0.16.04.1+esm2

2.90-0ubuntu0.16.04.1+esm1

2.90-0ubuntu0.16.04.1+esm3

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "dnsmasq",
            "binary_version": "2.90-0ubuntu0.16.04.1+esm3"
        },
        {
            "binary_name": "dnsmasq-base",
            "binary_version": "2.90-0ubuntu0.16.04.1+esm3"
        },
        {
            "binary_name": "dnsmasq-base-lua",
            "binary_version": "2.90-0ubuntu0.16.04.1+esm3"
        },
        {
            "binary_name": "dnsmasq-utils",
            "binary_version": "2.90-0ubuntu0.16.04.1+esm3"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-12200.json"

Ubuntu:Pro:18.04:LTS

dnsmasq

Package

Name: dnsmasq
Purl: pkg:deb/ubuntu/dnsmasq?arch=source&distro=esm-infra%2Fbionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.78-1

2.78-3

2.79-1

2.79-1ubuntu0.2

2.79-1ubuntu0.3

2.79-1ubuntu0.4

2.79-1ubuntu0.5

2.79-1ubuntu0.6

2.79-1ubuntu0.7

2.90-0ubuntu0.18.04.1+esm1

2.90-0ubuntu0.18.04.1+esm3

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "dnsmasq",
            "binary_version": "2.90-0ubuntu0.18.04.1+esm3"
        },
        {
            "binary_name": "dnsmasq-base",
            "binary_version": "2.90-0ubuntu0.18.04.1+esm3"
        },
        {
            "binary_name": "dnsmasq-base-lua",
            "binary_version": "2.90-0ubuntu0.18.04.1+esm3"
        },
        {
            "binary_name": "dnsmasq-utils",
            "binary_version": "2.90-0ubuntu0.18.04.1+esm3"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-12200.json"

Ubuntu:Pro:20.04:LTS

dnsmasq

Package

Name: dnsmasq
Purl: pkg:deb/ubuntu/dnsmasq?arch=source&distro=esm-infra%2Ffocal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.80-1ubuntu2

2.80-1ubuntu4

2.80-1.1ubuntu1

2.80-1.1ubuntu1.2

2.80-1.1ubuntu1.3

2.80-1.1ubuntu1.4

2.80-1.1ubuntu1.5

2.80-1.1ubuntu1.6

2.80-1.1ubuntu1.7

2.90-0ubuntu0.20.04.1

2.90-0ubuntu0.20.04.1+esm2

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "dnsmasq",
            "binary_version": "2.90-0ubuntu0.20.04.1+esm2"
        },
        {
            "binary_name": "dnsmasq-base",
            "binary_version": "2.90-0ubuntu0.20.04.1+esm2"
        },
        {
            "binary_name": "dnsmasq-base-lua",
            "binary_version": "2.90-0ubuntu0.20.04.1+esm2"
        },
        {
            "binary_name": "dnsmasq-utils",
            "binary_version": "2.90-0ubuntu0.20.04.1+esm2"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-12200.json"