HIGHCVE-2026-6507Published Modified CNA redhat
CVE-2026-6507: Dnsmasq: dnsmasq: denial of service due to out-of-bounds write in dhcp bootreply processing
A flaw was found in dnsmasq. A remote attacker could exploit an out-of-bounds write vulnerability by sending a specially crafted BOOTREPLY (Bootstrap Protocol Reply) packet to a dnsmasq server configured with the `--dhcp-split-relay` option. This can lead to memory corruption, causing the dnsmasq daemon to crash and resulting in a denial of service (DoS).
Metrics
- CVSS v3.1
- 7.5
- Severity
- HIGH
- Fixed in
- —
- Affected Products
- 6
Affected packages
- Red Hat / Red Hat Enterprise Linux 10
- Red Hat / Red Hat Enterprise Linux 6
- Red Hat / Red Hat Enterprise Linux 7
- Red Hat / Red Hat Enterprise Linux 8
- Red Hat / Red Hat Enterprise Linux 9
- Red Hat / Red Hat OpenShift Container Platform 4
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HReferences