← volver
CVE-2026-6507

Dnsmasq: dnsmasq: denial of service due to out-of-bounds write in dhcp bootreply processing

CVSS 7.5 HIGHEPSS 0.5%CWE-787
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 7.5EPSS 0.5%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
17 abr 2026Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A flaw was found in dnsmasq. A remote attacker could exploit an out-of-bounds write vulnerability by sending a specially crafted BOOTREPLY (Bootstrap Protocol Reply) packet to a dnsmasq server configured with the `--dhcp-split-relay` option. This can lead to memory corruption, causing the dnsmasq daemon to crash and resulting in a denial of service (DoS).
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →