CVE-2026-4890
Denial of Service in dnsmasq via DNSSEC Validation
Publication date: 2026-05-11
Last updated on: 2026-05-11
Assigner: CERT/CC
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| thekelleys | dnsmasq | to 2.92rel2 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-4890 is a Denial of Service (DoS) vulnerability found in the DNSSEC validation process of the dnsmasq software. This vulnerability allows remote attackers to send specially crafted DNS packets that cause the dnsmasq service to become unavailable or crash.
How can this vulnerability impact me? :
This vulnerability can impact you by causing a denial of service on systems running dnsmasq. Attackers can exploit this flaw remotely to disrupt DNS services, potentially leading to loss of network connectivity or interruption of services that rely on DNS resolution.
What immediate steps should I take to mitigate this vulnerability?
To mitigate the Denial of Service vulnerability in dnsmasq (CVE-2026-4890), you should update dnsmasq to the latest stable version where the issue is fixed.
The latest stable release, dnsmasq-2.92rel2, is available and likely contains security updates addressing this vulnerability.
Ensure you download the update from a trusted source and verify the integrity of the files using the provided cryptographic signatures.