dnsmasq: fix CVE-2026-5172 - linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

diff options

author	Abhishek Bachiphale <Abhishek.Bachiphale@windriver.com>	2026-05-23 17:00:24 +1200
committer	Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-05-29 09:29:32 +0530
commit	ed946592da368d46cad0e673d8fbcadc87510e4e (patch)
tree	dd75488c573777ae4c004c6be041b88e567ffa89 /meta-python/recipes-devtools/python
parent	b81fd0e23e6136c111de0b8a69db3ecdac581477 (diff)
download	meta-openembedded-ed946592da368d46cad0e673d8fbcadc87510e4e.tar.gz

dnsmasq: fix CVE-2026-5172

A buffer overflow in dnsmasq’s extract_addresses() function allows an attacker to trigger a heap out-of-bounds read and crash by exploiting a malformed DNS response, enabling extract_name() to advance the pointer past the record’s end. Reference: [ https://nvd.nist.gov/vuln/detail/CVE-2026-5172 ] Signed-off-by: Abhishek Bachiphale <Abhishek.Bachiphale@windriver.com> Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com> (cherry picked from commit 44c8962f48a67fbe0fbc8fd830d2f51ae15541a4) Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>

Diffstat (limited to 'meta-python/recipes-devtools/python')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: