PT-2023-20562 · Unknown+2 · Knot Resolver+2

Qifan Zhang

Published

2023-02-21

Updated

2025-03-14

CVE-2023-26249

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Knot Resolver versions prior to 5.6.0

Description The issue enables attackers to consume the resolver's resources, launching amplification attacks and potentially causing a denial of service. A single client query may lead to a hundred TCP connection attempts if a DNS server closes connections without providing a response.

Recommendations For versions prior to 5.6.0, update to version 5.6.0 or later to resolve the issue.

Fix

DoS

Allocation of Resources Without Limits

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-770

Related Identifiers

ALT-PU-2023-1509

ALT-PU-2024-2060

CVE-2023-26249

Affected Products

Alt Linux

Debian

Knot Resolver

PT-2023-20562 · Unknown+2 · Knot Resolver+2

CVE-2023-26249

Weakness Enumeration

Related Identifiers

Affected Products

References · 22