Unrated severityNVD Advisory· Published Jan 23, 2018· Updated Sep 16, 2024

CVE-2017-15094

Description

An issue has been found in the DNSSEC parsing code of PowerDNS Recursor from 4.0.0 up to and including 4.0.6 leading to a memory leak when parsing specially crafted DNSSEC ECDSA keys. These keys are only parsed when validation is enabled by setting dnssec to a value other than off or process-no-validate (default).

Affected products

osv-coords
pkg:rpm/opensuse/pdns-recursor&distro=openSUSE%20Tumbleweed
Range: < 4.5.5-1.3
PowerDNS/PowerDNS Recursorv5
Range: from 4.0.0 up to and including 4.0.6

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/101982mitrevdb-entryx_refsource_BID
doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2017-07.htmlmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000