Ivan Jedek

Researcher from OryxLabs
#33113 of 53,632
7.8 Total CVSS
Vulnerabilities · 1
PT-2023-9167
7.8
2023-10-22
Unknown · Knot Resolver · CVE-2023-46317
**Name of the Vulnerable Software and Affected Versions**
Knot Resolver versions prior to 5.7.0

**Description**
The issue exists due to insufficient input validation in the DNS translator. It allows a remote attacker to cause a denial of service (DoS) by making multiple TCP connections. When the Knot Resolver receives certain nonsensical responses from servers, it performs many TCP reconnections.

**Recommendations**
For versions prior to 5.7.0, update to version 5.7.0 or later to resolve the issue. As a temporary workaround, consider restricting the number of TCP reconnections to minimize the risk of exploitation.