An update for dnsmasq is now available for openEuler-24.03-LTS Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2026-2435 Final 1.0 1.0 2026-05-22 Initial 2026-05-22 2026-05-22 openEuler SA Tool V1.0 2026-05-22 dnsmasq security update An update for dnsmasq is now available for openEuler-24.03-LTS Dnsmasq provides network infrastructure for small networks: DNS, DHCP, router advertisement and network boot. It is designed to be lightweight and have a small footprint, suitable for resource constrained routers and firewalls. It has also been widely used for tethering on smartphones and portable hotspots, and to support virtual networking in virtualisation frameworks. Security Fix(es): dnsmasqs extract_name() function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS.(CVE-2026-2291) A Denial of Service (DoS) vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet.(CVE-2026-4890) A heap-based out-of-bounds read vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet.(CVE-2026-4891) A heap-based out-of-bounds write vulnerability in the DHCPv6 implementation of dnsmasq allows local attackers to execute arbitrary code with root privileges via a crafted DHCPv6 packet.(CVE-2026-4892) An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet information.(CVE-2026-4893) A buffer overflow in dnsmasq’s extract_addresses() function allows an attacker to trigger a heap out-of-bounds read and crash by exploiting a malformed DNS response, enabling extract_name() to advance the pointer past the record’s end.(CVE-2026-5172) An update for dnsmasq is now available for openEuler-24.03-LTS. openEuler Security has rated this update as having a security impact of critical. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Critical dnsmasq https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2435 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-2291 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-4890 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-4891 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-4892 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-4893 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-5172 https://nvd.nist.gov/vuln/detail/CVE-2026-2291 https://nvd.nist.gov/vuln/detail/CVE-2026-4890 https://nvd.nist.gov/vuln/detail/CVE-2026-4891 https://nvd.nist.gov/vuln/detail/CVE-2026-4892 https://nvd.nist.gov/vuln/detail/CVE-2026-4893 https://nvd.nist.gov/vuln/detail/CVE-2026-5172 openEuler-24.03-LTS dnsmasq-2.90-8.oe2403.aarch64.rpm dnsmasq-debuginfo-2.90-8.oe2403.aarch64.rpm dnsmasq-debugsource-2.90-8.oe2403.aarch64.rpm dnsmasq-help-2.90-8.oe2403.aarch64.rpm dnsmasq-2.90-8.oe2403.src.rpm dnsmasq-2.90-8.oe2403.x86_64.rpm dnsmasq-debuginfo-2.90-8.oe2403.x86_64.rpm dnsmasq-debugsource-2.90-8.oe2403.x86_64.rpm dnsmasq-help-2.90-8.oe2403.x86_64.rpm dnsmasqs extract_name() function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS. 2026-05-22 CVE-2026-2291 openEuler-24.03-LTS Critical 9.8 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H dnsmasq security update 2026-05-22 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2435 A Denial of Service (DoS) vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet. 2026-05-22 CVE-2026-4890 openEuler-24.03-LTS High 7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H dnsmasq security update 2026-05-22 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2435 A heap-based out-of-bounds read vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet. 2026-05-22 CVE-2026-4891 openEuler-24.03-LTS Medium 5.3 AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N dnsmasq security update 2026-05-22 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2435 A heap-based out-of-bounds write vulnerability in the DHCPv6 implementation of dnsmasq allows local attackers to execute arbitrary code with root privileges via a crafted DHCPv6 packet. 2026-05-22 CVE-2026-4892 openEuler-24.03-LTS High 8.4 AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H dnsmasq security update 2026-05-22 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2435 An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet information. 2026-05-22 CVE-2026-4893 openEuler-24.03-LTS Medium 5.3 AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N dnsmasq security update 2026-05-22 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2435 A buffer overflow in dnsmasq’s extract_addresses() function allows an attacker to trigger a heap out-of-bounds read and crash by exploiting a malformed DNS response, enabling extract_name() to advance the pointer past the record’s end. 2026-05-22 CVE-2026-5172 openEuler-24.03-LTS High 7.3 AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L dnsmasq security update 2026-05-22 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2435