Untriaged
Permalink
CVE-2025-30194
7.5 HIGH
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): NONE
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): NONE
- Integrity impact (I): NONE
- Availability impact (A): HIGH
Denial of service via crafted DoH exchange
When DNSdist is configured to provide DoH via the nghttp2 provider, an attacker can cause a denial of service by crafting a DoH exchange that triggers an illegal memory access (double-free) and crash of DNSdist, causing a denial of service. The remedy is: upgrade to the patched 1.9.9 version. A workaround is to temporarily switch to the h2o provider until DNSdist has been upgraded to a fixed version. We would like to thank Charles Howes for bringing this issue to our attention.
References
- https://dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2025-02.h…
- http://www.openwall.com/lists/oss-security/2025/04/29/1
- https://dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2025-02.h…
- http://www.openwall.com/lists/oss-security/2025/04/29/1
- https://www.vicarius.io/vsociety/posts/cve-2025-30194-detection-dnsdist-vulnera…
- https://www.vicarius.io/vsociety/posts/cve-2025-30194-mitigate-dnsdist-vulnerab…
Affected products
dnsdist
- <1.9.9
Package maintainers
-
@jojosch Johannes Schleifenbaum <johannes@js-webcoding.de>