dnsmasq Config File util.c parse_hex heap-based overflow_CVE-2025-12198

8.5 / 10

HIGH

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A vulnerability has been found in dnsmasq up to 2.73rc6. Affected is the function parse_hex of the file src/util.c of the component Config File Handler. The manipulation of the argument i leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AI Analysis

Heap-based buffer overflow in dnsmasq's Config File Handler

Basic Information

ID CVE-2025-12198

Source VulDB

Published Oct 27, 2025 at 00:58

Affected Product

Vendor n/a

Product dnsmasq

Version 2.73rc1

Affected Versions n/a dnsmasq 2.73rc1
n/a dnsmasq 2.73rc2
n/a dnsmasq 2.73rc3
n/a dnsmasq 2.73rc4
n/a dnsmasq 2.73rc5
n/a dnsmasq 2.73rc6

CWE Classification

CWE-122 CWE-119

AI Assessment

AI Score 8.5 / 10

AI Severity High

Vendor Simon Kelley

Product dnsmasq

Version 2.73rc1, 2.73rc2, 2.73rc3, 2.73rc4, 2.73rc5, 2.73rc6

References

{
    "lastseen": "",
    "description": "A vulnerability has been found in dnsmasq up to 2.73rc6. Affected is the function parse_hex of the file src/util.c of the component Config File Handler. The manipulation of the argument i leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
    "published": "2025-10-27T00:58:12.511Z",
    "modified": "2025-10-27T00:58:12.511Z",
    "type": "cve",
    "title": "dnsmasq Config File util.c parse_hex heap-based overflow",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.329868\nhttps://vuldb.com/?ctiid.329868\nhttps://vuldb.com/?submit.673138\nhttps://shimo.im/docs/1d3aMVMmNmiLjg3g/",
    "id": "CVE-2025-12198",
    "bulletinFamily": "",
    "cwe": [
        "CWE-122",
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "n/a dnsmasq 2.73rc1\nn/a dnsmasq 2.73rc2\nn/a dnsmasq 2.73rc3\nn/a dnsmasq 2.73rc4\nn/a dnsmasq 2.73rc5\nn/a dnsmasq 2.73rc6",
    "sourceHref": "",
    "cvss": {
        "score": 8.5,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "dnsmasq",
    "version": "2.73rc1",
    "vendor": "n/a",
    "ai_description": "Heap-based buffer overflow in dnsmasq's Config File Handler",
    "ai_severity": "High",
    "ai_vendor": "Simon Kelley",
    "ai_product": "dnsmasq",
    "ai_version": "2.73rc1, 2.73rc2, 2.73rc3, 2.73rc4, 2.73rc5, 2.73rc6",
    "ai_score": 8.5
}