CVE-2018-10851

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions PowerDNS Authoritative Server versions 3.3.0 through 4.1.4 PowerDNS Recursor versions 3.2 through 4.1.4

Description The issue is related to a memory leak that occurs when parsing malformed records, which can lead to a remote denial of service.

Recommendations For PowerDNS Authoritative Server versions 3.3.0 through 4.1.4, update to version 4.1.5 or later to resolve the issue. For PowerDNS Recursor versions 3.2 through 4.1.4, update to version 4.1.5 or later to resolve the issue.

Fix

DoS

Missing Release of Resource after Effective Lifetime

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-772CWE-400

Related Identifiers

ALT-PU-2020-1325

ALT-PU-2020-1407

CVE-2018-10851

MGASA-2019-0008

MGASA-2019-0009

OPENSUSE-SU-2018:4062-1

OPENSUSE-SU-2018:4073-1

OPENSUSE-SU-2018:4175-1

OPENSUSE-SU-2018:4177-1

OPENSUSE-SU-2018_4151-1

OPENSUSE-SU-2018_4152-1

OPENSUSE-SU-2018_4156-1

OPENSUSE-SU-2018_4262-1

OPENSUSE-SU-2024:11156-1

OPENSUSE-SU-2024:11157-1

SUSE-RU-2019:0863-1

SUSE-SU-2019:0863-1

SUSE-SU-2020:1066-1

USN-7203-1

Affected Products

Alt Linux

Linuxmint

Powerdns Authoritative Server

Powerdns Recursor

Suse

Ubuntu

CVE-2018-10851

Weakness Enumeration

Related Identifiers

Affected Products

References · 154