CVE-2026-5172

HIGH

dnsmasq < 2.93 - Denial of Service via Malformed DNS Response in extract_addresses()

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-5172. PoCs published by lottiedeyan.

AI-analyzed exploit summary This repository contains a functional proof-of-concept exploit for CVE-2026-5172, demonstrating a buffer overflow in dnsmasq's extract_addresses() function via a crafted DNS SRV record with mismatched RDLEN. It includes a client to send malicious DNS queries and a server to generate the malformed responses.

Description

A buffer overflow in dnsmasq’s extract_addresses() function allows an attacker to trigger a heap out-of-bounds read and crash by exploiting a malformed DNS response, enabling extract_name() to advance the pointer past the record’s end.

Exploits (1)

github WORKING POC
by lottiedeyan · pythonpoc
https://github.com/lottiedeyan/CVE20265172poc

This repository contains a functional proof-of-concept exploit for CVE-2026-5172, demonstrating a buffer overflow in dnsmasq's extract_addresses() function via a crafted DNS SRV record with mismatched RDLEN. It includes a client to send malicious DNS queries and a server to generate the malformed responses.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Moderate
Reliability
Reliable
Target: dnsmasq (version not specified)
No auth needed
Prerequisites: dnsmasq configured to forward queries to the malicious server · network access to the target dnsmasq instance
devstral-2 · analyzed May 27, 2026 Full analysis →

References (7)

Core 7

Scores

CVSS v3 7.3
EPSS 0.0002
EPSS Percentile 7.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

Status published
Products (3)
dnsmasq/dnsmasq < 2.92rel2
dnsmasq/dnsmasq 2.92rel2
dnsmasq/dnsmasq 2.93
Published May 11, 2026
Tracked Since May 11, 2026