Search CVE reports
1 – 10 of 57 results
If you use the zoneToCache function with a malicious authoritative server, an attacker can send a zone that result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service.
1 affected package
pdns-recursor
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| pdns-recursor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
An RPZ sent by a malicious authoritative server can result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service.
1 affected package
pdns-recursor
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| pdns-recursor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
An attacker can send replies that result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service. Cookies are disabled by default.
1 affected package
pdns-recursor
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| pdns-recursor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A zone transition from NSEC to NSEC3 might trigger an internal inconsistency and cause a denial of service.
1 affected package
pdns-recursor
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| pdns-recursor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default.
3 affected packages
dnsdist, pdns, pdns-recursor
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| dnsdist | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| pdns | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| pdns-recursor | Not affected | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Having many concurrent transfers of the same RPZ can lead to inconsistent RPZ data, use after free and/or a crash of the recursor. Normally concurrent transfers of the same RPZ zone can only occur with a malfunctioning RPZ provider.
1 affected package
pdns-recursor
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| pdns-recursor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
By publishing and querying a crafted zone an attacker can cause allocation of large entries in the negative and aggressive NSEC(3) caches.
1 affected package
pdns-recursor
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| pdns-recursor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default.
3 affected packages
dnsdist, pdns, pdns-recursor
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| dnsdist | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| pdns | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| pdns-recursor | Not affected | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default.
1 affected package
pdns-recursor
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| pdns-recursor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Crafted zones can lead to increased incoming network traffic.
1 affected package
pdns-recursor
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| pdns-recursor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |