CVE Vulnerabilities

CVE-2026-4890

Loop with Unreachable Exit Condition ('Infinite Loop')

Published: May 11, 2026 | Modified: Jul 02, 2026
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
7.5 IMPORTANT
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Ubuntu
MEDIUM
root.io logo minimus.io logo echo.ai logo

A Denial of Service (DoS) vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet.

Weakness

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

Affected Software

NameVendorStart VersionEnd Version
Red Hat Enterprise Linux 10RedHatdnsmasq-0:2.90-7.el10_2*
Red Hat Enterprise Linux 8RedHatdnsmasq-0:2.79-36.el8_10*
Red Hat Enterprise Linux 9RedHatdnsmasq-0:2.85-18.el9_8.1*
Red Hat Enterprise Linux 9.6 Extended Update SupportRedHatdnsmasq-0:2.85-17.el9_6.1*
DnsmasqUbuntudevel*
DnsmasqUbuntuesm-infra-legacy/xenial*
DnsmasqUbuntuesm-infra/bionic*
DnsmasqUbuntuesm-infra/focal*
DnsmasqUbuntuesm-infra/xenial*
DnsmasqUbuntujammy*
DnsmasqUbuntunoble*
DnsmasqUbuntuquesting*
DnsmasqUbunturesolute*

References