PT-2024-3663 · Unbound+6

Xiang Li · Published 2024-05-08 · Updated 2026-05-19 · CVE-2024-33655

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Unbound (affected versions not specified)

Description

The issue is related to the DNS protocol, which allows remote attackers to cause a denial of service by arranging for DNS queries to be accumulated for seconds, such that responses are later sent in a pulsing burst. This can be considered traffic amplification in some cases, also known as the "DNSBomb" issue. The attack works by sending a slow stream of modified DNS requests to DNS servers, which relay the data, increasing the packet size and holding it to then release all at once in a burst of DNS traffic directly at the target. The research group claims to have tested their technique on 10 major DNS programs and 46 public DNS services and was able to launch DNSBomb at a rate of up to 8.7 Gbit/s, with DNS traffic increased up to 20,000 times its original size.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Resource Exhaustion

Allocation of Resources Without Limits


Weakness Enumeration

Related Identifiers

ALSA-2026:18556
ALSA-2026:18931
ALT-PU-2024-8009
ALT-PU-2024-8011
ALT-PU-2024-8013
ALT-PU-2024-8086
ALT-PU-2024-8131
AZL-42447
AZL-42490
BDU:2024-04004
CVE-2024-33655
DLA-3834-1
DLA-4280-1
DSA-5987-1
MGASA-2024-0203
OESA-2024-2231
OESA-2024-2232
OESA-2024-2233
OESA-2024-2234
OPENSUSE-SU-2024:13944-1
RHSA-2026:18556
RHSA-2026:18931
SUSE-SU-2025:20024-1
USN-6791-1

Affected Products

Alt Linux
Astra Linux
Debian
Linuxmint
Red Os
Ubuntu
Unbound