Description
dnsmasq 2.25 allows remote attackers to cause a denial of service (daemon crash) by (1) renewing a nonexistent lease or (2) sending a DHCPREQUEST for an IP address that is not in the same network, related to the DHCP NAK response from the daemon.
References (10)
Core 10
Core References
Exploit x_refsource_confirm
https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/47438
Exploit mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2008/07/12/3
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2008/07/08/8
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/43929
Various Sources x_refsource_confirm
http://freshmeat.net/projects/dnsmasq/?branch_id=1991&release_id=217681
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2008/07/01/8
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2008/06/30/7
Various Sources x_refsource_confirm
http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2008/07/02/4
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2008/07/03/4
Scores
EPSS
0.0253
EPSS Percentile
83.0%
Details
CWE
CWE-20
Status
published
Products (1)
thekelleys/dnsmasq
2.25
Published
Jul 18, 2008
Tracked Since
Feb 18, 2026