I got my Debian Guest VM working without dnsmasq.
1.Removed dnsmasq completely.
2.Tried start Guest VM, virt-manager gives error about dnsmasq missing.
3.Edited “default” network xml file.
added: <dns enable="no"/>
removed: dhcp range
4.Tried start Guest VM again, all working.
Same should work with Whonix, since whonix don’t need dns or dhcp.
I hope you guys can fix this in whonix network xmls. And attack surface will be reduced.