Ubuntu Security Update USN-8037-1: DNSdist vulnerabilities

LinuxBot

LinuxBot

Member
Joined
Apr 25, 2017
Messages
5,768
Reaction score
74
Credits
-1,257
It was discovered that HTTP/2, which is used/vendored by DNSdist, did not properly account for resources when handling client-triggered stream resets. An attacker could possibly use this issue to cause a denial of service. (CVE-2025-8671) It was discovered that DNSdist did not properly manage memory limits when handling an unlimited number of queries on a single TCP connection. An attacker could possibly use this issue to cause a denial of service. (CVE-2025-30193) It was discovered that DNSdist, when configured with the nghttp2 library, did not correctly process certain DNS over HTTPS queries. An attacker could possibly use this cause a denial of service. (CVE-2025-30187)

Continue reading...
 
You must log in or register to reply here.

Similar threads

LinuxBot
Ubuntu Security Update USN-8113-1: LibTIFF vulnerabilities
Replies
0
Views
100
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8147-1: libarchive vulnerabilities
Replies
0
Views
191
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8283-1: rsync vulnerabilities
Replies
0
Views
130
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8282-1: Unbound vulnerabilities
Replies
0
Views
103
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-7960-1: Rack vulnerabilities
Replies
0
Views
133
LinuxBot
LinuxBot


Follow Linux.org

Members online

Total: 2,250 (members: 2, guests: 2,248)

Latest posts

Top