CVE-2025-12198

A vulnerability has been found in dnsmasq up to 2.73rc6. Affected is the function parse_hex of the file src/util.c of the component Config File Handler. The manipulation of the argument i leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. This attack requires manipulating config files which might not be a realistic scenario in many cases. The vendor was contacted early about this disclosure but did not respond in any way.

Published Unavailable

CVSS ScoreNone

0.0

Ecosystem	Package	Version

Ecosystem	Package	Version

Vulnerabilities

CVE-2025-12198

A vulnerability has been found in dnsmasq up to 2.73rc6. Affected is the function parse_hex of the file src/util.c of the component Config File Handler. The manipulation of the argument i leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. This attack requires manipulating config files which might not be a realistic scenario in many cases. The vendor was contacted early about this disclosure but did not respond in any way.

Published Unavailable

CVSS ScoreNone

0.0

No packages found

Try adjusting your search terms.

Ecosystem	Package	Version

No packages found

Try adjusting your search terms.

Find vulnerabilities. Fix fast with AI.

CVE-2025-12198

CVE-2025-12198

No packages found

No packages found