Get the latest tech news

Critical Cache Poisoning Vulnerability in Dnsmasq

[Dnsmasq-discuss] [Security Report] Critical Cache Poisoning Vulnerability in Dnsmasq 苗发生 mfs24 at mails.tsinghua.edu.cn Tue Aug 19 12:17:19 UTC 2025 Dear Dnsmasq Security Team, We would like to responsibly disclose a critical cache poisoning vulnerability affecting the Dnsmasq DNS software. The issue allows attackers to inject arbitrary malicious DNS resource records and poison domain names without requiring advanced techniques, only by leveraging a single special character.

The issue allows attackers to inject arbitrary malicious DNS resource records and poison domain names without requiring advanced techniques, only by leveraging a single special character. During this window, attackers can brute-force TxID (16-bit) and source port (16-bit) with a high probability of success (birthday paradox effect). Best regards, Fasheng Miao (Tsinghua University) Xiang Li (AOSP Laboratory, Nankai University) -------------- next part -------------- An HTML attachment was scrubbed... URL: < http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20250819/62972ab0/attachment-0001.htm> -------------- next part -------------- A non-text attachment was scrubbed... Name: Cache Poison_Report_Dnsmasq.pdf Type: application/pdf Size: 105040 bytes Desc: not available URL: < http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20250819/62972ab0/attachment-0001.pdf>

Get the Android app