Nixpkgs Security Tracker

Untriaged

Permalink CVE-2024-25590

7.5 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): HIGH

created 6 months, 1 week ago

Crafted responses can lead to a denial of service due to cache inefficiencies in the Recursor

An attacker can publish a zone containing specific Resource Record Sets. Repeatedly processing and caching results for these sets can lead to a denial of service.

References

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-0…
http://www.openwall.com/lists/oss-security/2024/10/03/3

Affected products

pdns-recursor

<5.0.9
<4.9.9
<5.1.2

Matching in nixpkgs

pkgs.pdns-recursor

Recursive DNS server

nixos-unstable -
- nixpkgs-unstable 5.2.5

Package maintainers

@rnhmjoj Michele Guerini Rocco <rnhmjoj@inventati.org>

Suggestion detail

References

Affected products

Matching in nixpkgs

pkgs.pdns-recursor

Package maintainers