Code-execution flaws threaten users of routers, Linux, and other OSes Bugs in widely used Dnsmasq give attackers remote control of
Google researchers have discovered at least three software bugs in a widely used software package that may allow hackers to execute malicious code on vulnerable devices running Linux, FreeBSD, OpenBSD, NetBSD, and macOS, as well as proprietary firmware.
Dnsmasq, as the package is known, provides code that makes it easier for networked devices to communicate using the domain name system and the Dynamic Host Configuration Protocol. It's included in Android, Ubuntu, and most other Linux distributions, and it can also run on a variety of other operating systems and in router firmware. A blog post published Monday by security researchers with Google said they recently found seven vulnerabilities in Dnsmasq, three of which were flaws that allowed the remote execution of malicious code.