PT-2025-22128 · Dnsdist+5
Renaud Allard · Published 2025-05-13 · Updated 2026-02-12
CVE-2025-30193
CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions
DNSdist versions prior to 1.9.10
Description
In some circumstances, when DNSdist is configured to allow an unlimited number of queries on a single incoming TCP connection from a client, an attacker can craft a TCP exchange that exhausts the stack and crashes DNSdist, causing a denial of service.
Recommendations
Upgrade to the patched 1.9.10 version.
As a temporary workaround, consider restricting the maximum number of queries on incoming TCP connections to a safe value, like 50, via the setMaxTCPQueriesPerConnection setting.
Fix
DoS
Uncontrolled Recursion
Affected Products
Dnsdist
Debian
Linuxmint
Red Os
Suse
Ubuntu