Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2026-5172
PUBLISHED
More InfoOfficial Page
Assigner-certcc
Assigner Org ID-37e5125f-f79b-445b-8fad-9564f167944b
View Known Exploited Vulnerability (KEV) details
Published At-11 May, 2026 | 16:48
Updated At-30 Jun, 2026 | 03:18
Rejected At-
▼CVE Numbering Authority (CNA)
CVE-2026-5172

A buffer overflow in dnsmasq’s extract_addresses() function allows an attacker to trigger a heap out-of-bounds read and crash by exploiting a malformed DNS response, enabling extract_name() to advance the pointer past the record’s end.

Affected Products
Vendor
dnsmasq
Product
dnsmasq
Versions
Affected
  • From 0 before 2.92rel2 (custom)
Problem Types
TypeCWE IDDescription
N/AN/ACWE-787: Out-of-bounds Write
Type: N/A
CWE ID: N/A
Description: CWE-787: Out-of-bounds Write
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.kb.cert.org/vuls/id/471747
N/A
https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html
N/A
https://thekelleys.org.uk/dnsmasq/CVE/
N/A
https://github.com/NixOS/nixpkgs/pull/519082
N/A
https://github.com/NixOS/nixpkgs/pull/519093
N/A
https://github.com/pi-hole/FTL/releases/tag/v6.6.2
N/A
Hyperlink: https://www.kb.cert.org/vuls/id/471747
Resource: N/A
Hyperlink: https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html
Resource: N/A
Hyperlink: https://thekelleys.org.uk/dnsmasq/CVE/
Resource: N/A
Hyperlink: https://github.com/NixOS/nixpkgs/pull/519082
Resource: N/A
Hyperlink: https://github.com/NixOS/nixpkgs/pull/519093
Resource: N/A
Hyperlink: https://github.com/pi-hole/FTL/releases/tag/v6.6.2
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
3.17.3HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Version: 3.1
Base score: 7.3
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
2. dnsmasq: extract_addresses() OOB read via malformed rdlen

A heap out-of-bounds read vulnerability was discovered in dnsmasq's DNS response processing. The extract_addresses() function trusts the declared record data length (rdlen) without verifying that a subsequent call to extract_name() stays within the record boundary. A crafted DNS response with a mismatched rdlen causes the remaining-bytes calculation to underflow, resulting in a massive out-of-bounds read and process crash.

Affected Products
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux AppStream (v. 10)
CPEs
  • cpe:/o:redhat:enterprise_linux:10.2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 6
CPEs
  • cpe:/o:redhat:enterprise_linux:6
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 8
CPEs
  • cpe:/o:redhat:enterprise_linux:8
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
CPEs
  • cpe:/o:redhat:enterprise_linux:9
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 7
CPEs
  • cpe:/o:redhat:enterprise_linux:7
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Problem Types
TypeCWE IDDescription
CWECWE-125Out-of-bounds Read
Type: CWE
CWE ID: CWE-125
Description: Out-of-bounds Read
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Red Hat severity rating
value:
Important
namespace:
https://access.redhat.com/security/updates/classification/
Impacts
CAPEC IDDescription
Solutions

RHSA-2026:19158: Red Hat Enterprise Linux AppStream (v. 10)

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Reported to Red Hat.2026-04-14 22:55:28
Made public.2026-05-09 00:00:00
Event: Reported to Red Hat.
Date: 2026-04-14 22:55:28
Event: Made public.
Date: 2026-05-09 00:00:00
Replaced By

Rejected Reason

References
HyperlinkResource
https://access.redhat.com/security/cve/CVE-2026-5172
vdb-entry
x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2458521
issue-tracking
x_refsource_REDHAT
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5172.json
x_sadp-csaf-vex
https://access.redhat.com/errata/RHSA-2026:19158
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/security/cve/CVE-2026-5172
Resource:
vdb-entry
x_refsource_REDHAT
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=2458521
Resource:
issue-tracking
x_refsource_REDHAT
Hyperlink: https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5172.json
Resource:
x_sadp-csaf-vex
Hyperlink: https://access.redhat.com/errata/RHSA-2026:19158
Resource:
vendor-advisory
x_refsource_REDHAT
Details not found