Vulnerability CVE-2018-10851: Information
Description
PowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding 4.1.5 and 4.0.6, and PowerDNS Recursor 3.2 up to 4.1.4 excluding 4.1.5 and 4.0.9, are vulnerable to a memory leak while parsing malformed records that can lead to remote denial of service.
Severity: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
pdns | sisyphus | 4.2.1-alt1 | 4.8.4-alt1 | ALT-PU-2020-1325-1 | 246815 | Fixed |
pdns | p10 | 4.2.1-alt1 | 4.8.4-alt0.p10 | ALT-PU-2020-1325-1 | 246815 | Fixed |
pdns | p9 | 4.2.1-alt1 | 4.2.2-alt4.1 | ALT-PU-2020-1407-1 | 246979 | Fixed |
pdns | c10f1 | 4.2.1-alt1 | 4.6.3-alt2 | ALT-PU-2020-1325-1 | 246815 | Fixed |
pdns | c9f2 | 4.2.1-alt1 | 4.2.2-alt4.1 | ALT-PU-2020-1407-1 | 246979 | Fixed |
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-04.html |
|
https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2018-03.html |
|
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10851 |
|