[3.8] pdns: Multiple vulnerabilities (CVE-2018-10851, CVE-2018-14626)ID: oval:org.secpod.oval:def:1801541 | Date: (C)2019-09-18 (M)2022-12-01 |
Class: PATCH | Family: unix |
CVE-2018-10851: Crafted zone record can cause a denial of service¶ An issue has been found in PowerDNS Authoritative Server allowing an authorized user to cause a memory leak by inserting a specially crafted record in a zone under their control, then sending a DNS query for that record. The issue is due to the fact that some memory is allocated before the parsing and is not always properly released if the record is malformed. Affects: PowerDNS Authoritative from 3.3.0 up to and including 4.1.4 Not affected: 4.1.5, 4.0.6
Platform: |
Alpine Linux 3.8 |