CVE-2025-30194

by Fred · 29/04/2025

When DNSdist is configured to provide DoH via the nghttp2 provider, an attacker can cause a denial of service by crafting a DoH exchange that triggers an illegal memory access (double-free) and crash of DNSdist, causing a denial of service.

The remedy is: upgrade to the patched 1.9.9 version.

A workaround is to temporarily switch to the h2o provider until DNSdist has been upgraded to a fixed version.

We would like to thank Charles Howes for bringing this issue to our attention.

More information : https://dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2025-02.html

CVE-2025-30194

Similar

Recent Posts

Categories

CVE-2025-30194

Share this:

Similar

Recent Posts

Categories

Tags