DescriptionAn issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 3.7.4 and 4.0.4, allowing a remote, unauthenticated attacker to cause an abnormal CPU usage load on the PowerDNS server by sending crafted DNS queries, which might result in a partial denial of service if the system becomes overloaded. This issue is based on the fact that the PowerDNS server parses all records present in a query regardless of whether they are needed or even legitimate. A specially crafted query containing a large number of records can be used to take advantage of that behaviour.
Overall state of this security issue: Resolved
This issue is currently rated as having important severity.SUSE Bugzilla entry: 1018326 [RESOLVED / FIXED] SUSE Security Advisories:
- openSUSE-SU-2017:0183-1, published Tue, 17 Jan 2017 19:46:30 +0100 (CET)
- openSUSE-SU-2017:0221-1, published Fri, 20 Jan 2017 00:09:08 +0100 (CET)
List of released packages
|Product(s)||Fixed package version(s)||References|
|openSUSE Leap 42.1|| ||Patchnames:
|openSUSE Leap 42.2|| ||Patchnames:
Status of this issue by product and package
Please note that this evaluation state might be work in progress, incomplete or outdated. Also information for service packs in the LTSS phase is only included for issues meeting the LTSS criteria. If in doubt, feel free to contact us for clarification.
|HPE Helion OpenStack 8||pdns||Already fixed|
|SUSE Openstack Cloud 8||pdns||Already fixed|