[Apollo] Advisories Statistics light light Login

RLSA-2026:19158

Security Mirrored from RHSA-2026:19158
Issued at: 2026-05-29
Updated at: 2026-05-29

Synopsis

Important: dnsmasq security update



Description

The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.

Security Fix(es):

* dnsmasq: dnsmasq: heap buffer overflow in cache via NAME_ESCAPE expansion (CVE-2026-2291)

* dnsmasq: NSEC bitmap parsing infinite loop (CVE-2026-4890)

* dnsmasq: RRSIG rdlen underflow leading to heap OOB read (CVE-2026-4891)

* dnsmasq: DHCPv6 CLID buffer overflow in helper process (CVE-2026-4892)

* dnsmasq: Broken ECS source validation bypass (CVE-2026-4893)

* dnsmasq: extract_addresses() OOB read via malformed rdlen (CVE-2026-5172)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Affected products

Rocky Linux 10 aarch64 Rocky Linux 10 ppc64le Rocky Linux 10 riscv64 Rocky Linux 10 s390x Rocky Linux 10 x86_64

Fixes

2458517 2439088 2458521 2458516 2458519 2458518

CVEs

CVE-2026-2291 CVE-2026-4890 CVE-2026-4891 CVE-2026-4892 CVE-2026-4893 CVE-2026-5172

Affected packages

Rocky Linux 10 x86_64 - AppStream

dnsmasq-debugsource-0:2.90-7.el10_2.x86_64.rpm dnsmasq-0:2.90-7.el10_2.src.rpm dnsmasq-0:2.90-7.el10_2.x86_64.rpm dnsmasq-utils-debuginfo-0:2.90-7.el10_2.x86_64.rpm dnsmasq-utils-0:2.90-7.el10_2.x86_64.rpm dnsmasq-debuginfo-0:2.90-7.el10_2.x86_64.rpm

Rocky Linux 10 aarch64 - AppStream

dnsmasq-0:2.90-7.el10_2.src.rpm dnsmasq-utils-debuginfo-0:2.90-7.el10_2.aarch64.rpm dnsmasq-debugsource-0:2.90-7.el10_2.aarch64.rpm dnsmasq-utils-0:2.90-7.el10_2.aarch64.rpm dnsmasq-0:2.90-7.el10_2.aarch64.rpm dnsmasq-debuginfo-0:2.90-7.el10_2.aarch64.rpm

Rocky Linux 10 ppc64le - AppStream

dnsmasq-0:2.90-7.el10_2.src.rpm dnsmasq-debuginfo-0:2.90-7.el10_2.ppc64le.rpm dnsmasq-utils-debuginfo-0:2.90-7.el10_2.ppc64le.rpm dnsmasq-debugsource-0:2.90-7.el10_2.ppc64le.rpm dnsmasq-utils-0:2.90-7.el10_2.ppc64le.rpm dnsmasq-0:2.90-7.el10_2.ppc64le.rpm

Rocky Linux 10 riscv64 - AppStream

dnsmasq-0:2.90-7.el10_2.src.rpm

Rocky Linux 10 s390x - AppStream

dnsmasq-0:2.90-7.el10_2.src.rpm dnsmasq-utils-debuginfo-0:2.90-7.el10_2.s390x.rpm dnsmasq-debuginfo-0:2.90-7.el10_2.s390x.rpm dnsmasq-debugsource-0:2.90-7.el10_2.s390x.rpm dnsmasq-0:2.90-7.el10_2.s390x.rpm dnsmasq-utils-0:2.90-7.el10_2.s390x.rpm