CVE-2025-12198 - OpenCVE

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Based on the analysis by MITRE and review of community feedback, the reported conditions represent expected and intentional behavior within dnsmasq's documented design, rather than security vulnerabilities.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Dnsmasq	Dnsmasq

No data.

References

Link	Providers
https://nvd.nist.gov/vuln/detail/CVE-2025-12198
https://shimo.im/docs/1d3aMVMmNmiLjg3g/
https://vuldb.com/?ctiid.329868
https://vuldb.com/?id.329868
https://vuldb.com/?submit.673138
https://www.cve.org/CVERecord?id=CVE-2025-12198

History

Mon, 03 Nov 2025 23:30:00 +0000

Type	Values Removed	Values Added
References	https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2025q4/018337.html https://news.ycombinator.com/item?id=45727137 https://shimo.im/docs/1d3aMVMmNmiLjg3g https://www.openwall.com/lists/oss-security/2025/10/27/1
Metrics	cvssV2_0 `{'score': 6.8, 'vector': 'AV:L/AC:L/Au:S/C:C/I:C/A:C'}` cvssV4_0 `{'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X'}`

Mon, 03 Nov 2025 23:15:00 +0000

Type	Values Removed	Values Added
Title	dnsmasq Config File util.c parse_hex heap-based overflow	dnsmasq: dnsmasq Config File util.c parse_hex heap-based overflow
Metrics	ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}` cvssV3_1 `{'score': 4.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H'}`	cvssV3_1 `{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}`

Mon, 03 Nov 2025 23:00:00 +0000

Type	Values Removed	Values Added
Description	A vulnerability has been found in dnsmasq up to 2.73rc6. Affected is the function parse_hex of the file src/util.c of the component Config File Handler. The manipulation of the argument i leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. This attack requires manipulating config files which might not be a realistic scenario in many cases. The vendor was contacted early about this disclosure but did not respond in any way.	REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Based on the analysis by MITRE and review of community feedback, the reported conditions represent expected and intentional behavior within dnsmasq's documented design, rather than security vulnerabilities.
Metrics	cvssV3_0 `{'score': 7.8, 'vector': 'CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}` cvssV2_0 `{'score': 6.8, 'vector': 'AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}` cvssV3_1 `{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}` cvssV4_0 `{'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}`	cvssV2_0 `{'score': 6.8, 'vector': 'AV:L/AC:L/Au:S/C:C/I:C/A:C'}` cvssV3_1 `{'score': 4.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H'}` cvssV4_0 `{'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X'}`

Mon, 03 Nov 2025 18:30:00 +0000

Type	Values Removed	Values Added
Description	A vulnerability has been found in dnsmasq up to 2.73rc6. Affected is the function parse_hex of the file src/util.c of the component Config File Handler. The manipulation of the argument i leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.	A vulnerability has been found in dnsmasq up to 2.73rc6. Affected is the function parse_hex of the file src/util.c of the component Config File Handler. The manipulation of the argument i leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. This attack requires manipulating config files which might not be a realistic scenario in many cases. The vendor was contacted early about this disclosure but did not respond in any way.

Sat, 01 Nov 2025 19:15:00 +0000

Type	Values Removed	Values Added
References		https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2025q4/018337.html
Metrics	ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}`	ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Tue, 28 Oct 2025 16:15:00 +0000

Type	Values Removed	Values Added
References		https://shimo.im/docs/1d3aMVMmNmiLjg3g
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Tue, 28 Oct 2025 02:30:00 +0000

Type	Values Removed	Values Added
References		https://news.ycombinator.com/item?id=45727137

Tue, 28 Oct 2025 01:30:00 +0000

Type	Values Removed	Values Added
References		https://www.openwall.com/lists/oss-security/2025/10/27/1

Mon, 27 Oct 2025 22:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Dnsmasq Dnsmasq dnsmasq
Vendors & Products		Dnsmasq Dnsmasq dnsmasq

Mon, 27 Oct 2025 12:15:00 +0000

Type	Values Removed	Values Added
References		https://nvd.nist.gov/vuln/detail/CVE-2025-12198 https://www.cve.org/CVERecord?id=CVE-2025-12198
Metrics	threat_severity `None`	threat_severity `Important`

Mon, 27 Oct 2025 01:15:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability has been found in dnsmasq up to 2.73rc6. Affected is the function parse_hex of the file src/util.c of the component Config File Handler. The manipulation of the argument i leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Title		dnsmasq Config File util.c parse_hex heap-based overflow
Weaknesses		CWE-119 CWE-122
References		https://shimo.im/docs/1d3aMVMmNmiLjg3g/ https://vuldb.com/?ctiid.329868 https://vuldb.com/?id.329868 https://vuldb.com/?submit.673138
Metrics		cvssV2_0 `{'score': 6.8, 'vector': 'AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}` cvssV3_0 `{'score': 7.8, 'vector': 'CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}` cvssV3_1 `{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}` cvssV4_0 `{'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}`

MITRE

Status: REJECTED

Assigner: VulDB

Published: 2025-10-27T00:58:12.511Z

Updated: 2025-11-03T22:47:37.697Z

Reserved: 2025-10-25T06:21:53.115Z

Link: CVE-2025-12198

Vulnrichment

Updated:

NVD

Status : Rejected

Published: 2025-10-27T01:15:38.857

Modified: 2025-11-03T23:17:36.100

Link: CVE-2025-12198

Redhat

Severity : Important

Publid Date: 2025-10-27T00:58:12Z

Links: CVE-2025-12198 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object