{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2026-6507/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[{"cvss":7.5,"id":"CVE-2026-6507"}],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["dnsmasq","denial-of-service","cve-2026-6507"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eCVE-2026-6507 is an out-of-bounds write vulnerability affecting dnsmasq. The vulnerability is triggered when a dnsmasq server is configured with the \u003ccode\u003e--dhcp-split-relay\u003c/code\u003e option and receives a specially crafted BOOTREPLY packet from a remote attacker. Successful exploitation results in memory corruption, causing the dnsmasq daemon to crash and leading to a denial of service (DoS) condition. This vulnerability poses a significant threat to organizations relying on dnsmasq for DNS and DHCP services, potentially disrupting network connectivity and availability. The vulnerability was reported on April 17, 2026.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker identifies a target dnsmasq server running with the \u003ccode\u003e--dhcp-split-relay\u003c/code\u003e option enabled.\u003c/li\u003e\n\u003cli\u003eAttacker crafts a malicious BOOTREPLY packet specifically designed to trigger the out-of-bounds write vulnerability.\u003c/li\u003e\n\u003cli\u003eThe attacker sends the crafted BOOTREPLY packet to the targeted dnsmasq server.\u003c/li\u003e\n\u003cli\u003eThe dnsmasq server processes the malicious packet, leading to an out-of-bounds write in memory.\u003c/li\u003e\n\u003cli\u003eMemory corruption occurs due to the out-of-bounds write.\u003c/li\u003e\n\u003cli\u003eThe dnsmasq daemon encounters a critical error due to the memory corruption.\u003c/li\u003e\n\u003cli\u003eThe dnsmasq daemon crashes, interrupting DNS and DHCP services.\u003c/li\u003e\n\u003cli\u003eLegitimate clients are unable to resolve domain names or obtain IP addresses, resulting in a denial of service.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-6507 leads to a denial-of-service condition, disrupting network connectivity and potentially affecting all clients relying on the vulnerable dnsmasq server for DNS and DHCP services. The impact ranges from temporary network outages to complete service unavailability, depending on the criticality of the affected dnsmasq instance. The number of affected systems will vary based on the prevalence of dnsmasq deployments with the \u003ccode\u003e--dhcp-split-relay\u003c/code\u003e option enabled.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApply the patch or upgrade to a non-vulnerable version of dnsmasq as provided by the vendor to remediate CVE-2026-6507 (\u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-6507)\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-6507)\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eDisable the \u003ccode\u003e--dhcp-split-relay\u003c/code\u003e option in dnsmasq configuration if it is not required, mitigating the attack vector (\u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-6507)\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-6507)\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eMonitor network traffic for malformed BOOTREPLY packets targeting dnsmasq servers, using the \u0026ldquo;Detect Malformed BOOTREPLY Packets\u0026rdquo; Sigma rule.\u003c/li\u003e\n\u003cli\u003eEnable process crash monitoring on systems running dnsmasq to detect potential crashes resulting from exploitation attempts, using the \u0026ldquo;Detect Dnsmasq Process Crash\u0026rdquo; Sigma rule.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-17T13:16:14Z","date_published":"2026-04-17T13:16:14Z","id":"/briefs/2026-04-dnsmasq-dos/","summary":"A remote attacker can exploit an out-of-bounds write vulnerability (CVE-2026-6507) in dnsmasq by sending a specially crafted BOOTREPLY packet to a server configured with the `--dhcp-split-relay` option, leading to a denial of service.","title":"Dnsmasq Out-of-Bounds Write Vulnerability (CVE-2026-6507)","url":"https://feed.craftedsignal.io/briefs/2026-04-dnsmasq-dos/"}],"language":"en","title":"CraftedSignal Threat Feed — Cve-2026-6507","version":"https://jsonfeed.org/version/1.1"}