CVE-2018-16855

CVSS 7.5 HIGHEPSS 59.5%CWE-125

In short

PowerDNS Recursor has a flaw where specially crafted DNS queries can cause the server to read memory it shouldn't access, potentially crashing it. This affects older versions before 4.1.8.

Technical detail

An out-of-bounds read vulnerability in PowerDNS Recursor's packet cache hash computation allows remote attackers to trigger memory access violations via malformed DNS queries. The vulnerability requires no authentication and can result in denial of service through application crash.

Summary generated and translated by AI from the official description.

An issue has been found in PowerDNS Recursor before version 4.1.8 where a remote attacker sending a DNS query can trigger an out-of-bounds memory read while computing the hash of the query for a packet cache lookup, possibly leading to a crash.

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

[UNKNOWN] · pdns-recursor

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16855 https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-09.html