Copyright © 2012 Red Hat, Inc. All rights reserved. Important 2026-05-09T00:00:00 dnsmasq: RRSIG rdlen underflow leading to heap OOB read 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CWE-125

A heap-based out-of-bounds read vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet.

A heap out-of-bounds read vulnerability was discovered in dnsmasq's DNSSEC validation. When processing RRSIG records, dnsmasq calculates the signature length by subtracting the fixed field size from the record's declared data length. A crafted RRSIG record with a data length smaller than the fixed fields causes this calculation to underflow, potentially resulting in an out-of-bounds read and process crash.

Red Hat Enterprise Linux 10 2026-05-19T00:00:00Z RHSA-2026:19158 dnsmasq-0:2.90-7.el10_2 Red Hat Enterprise Linux 8 2026-05-26T00:00:00Z RHSA-2026:20589 dnsmasq-0:2.79-36.el8_10 Red Hat Enterprise Linux 9 2026-05-19T00:00:00Z RHSA-2026:19373 dnsmasq-0:2.85-18.el9_8.1 Red Hat Enterprise Linux 6 Will not fix dnsmasq Red Hat Enterprise Linux 7 Affected dnsmasq Red Hat OpenShift Container Platform 4 Affected rhcos https://www.cve.org/CVERecord?id=CVE-2026-4891 https://nvd.nist.gov/vuln/detail/CVE-2026-4891 https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html