pdns: denial of service
| Package(s): | pdns pdns-recursor | CVE #(s): | CVE-2015-5470 | ||||||||
| Created: | July 22, 2015 | Updated: | July 22, 2015 | ||||||||
| Description: | From the PowerDNS advisory:
A bug was discovered in our label decompression code, making it possible for names to refer to themselves, thus causing a loop during decompression. On some platforms, this bug can be abused to cause crashes. On all platforms, this bug can be abused to cause service-affecting CPU spikes. Update 7th of July 2015: Toshifumi Sakaguchi discovered that the original fix was insufficient in some cases. Updated versions of the Authoritative Server and Recursor were released on the 9th of June. Minimal patches are available. The insufficient fix was assigned CVE-2015-5470. | ||||||||||
| Alerts: |
| ||||||||||