Unrated severityNVD Advisory· Published Nov 29, 2018· Updated Aug 5, 2024
CVE-2018-10851
CVE-2018-10851
Description
PowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding 4.1.5 and 4.0.6, and PowerDNS Recursor 3.2 up to 4.1.4 excluding 4.1.5 and 4.0.9, are vulnerable to a memory leak while parsing malformed records that can lead to remote denial of service.
Affected products
127- osv-coords126 versionspkg:rpm/opensuse/pdns&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/pdns-recursor&distro=openSUSE%20Tumbleweedpkg:rpm/suse/ardana-ansible&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/ardana-ansible&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/ardana-barbican&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/ardana-barbican&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/ardana-db&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/ardana-db&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/ardana-monasca&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/ardana-monasca&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/ardana-mq&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/ardana-mq&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/ardana-neutron&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/ardana-neutron&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/ardana-octavia&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/ardana-octavia&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/ardana-tempest&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/ardana-tempest&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/cobbler&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/crowbar-core&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/crowbar-ha&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/crowbar-openstack&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/documentation-hpe-helion-openstack-installation&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/documentation-hpe-helion-openstack-operations&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/documentation-hpe-helion-openstack-opsconsole&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/documentation-hpe-helion-openstack-planning&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/documentation-hpe-helion-openstack-security&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/documentation-hpe-helion-openstack-user&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/documentation-suse-openstack-cloud-deployment&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/documentation-suse-openstack-cloud-installation&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/documentation-suse-openstack-cloud-operations&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/documentation-suse-openstack-cloud-opsconsole&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/documentation-suse-openstack-cloud-planning&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/documentation-suse-openstack-cloud-security&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/documentation-suse-openstack-cloud-supplement&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/documentation-suse-openstack-cloud-supplement&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/documentation-suse-openstack-cloud-upstream-admin&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/documentation-suse-openstack-cloud-upstream-admin&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/documentation-suse-openstack-cloud-upstream-user&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/documentation-suse-openstack-cloud-upstream-user&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/documentation-suse-openstack-cloud-user&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/memcached&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/memcached&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/memcached&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-manila&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-manila&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-manila&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-manila-doc&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-manila-doc&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-manila-doc&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-neutron&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-neutron&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-neutron&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-neutron-doc&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-neutron-doc&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-neutron-doc&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-nova&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-nova&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-nova&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-nova-doc&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-nova-doc&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-nova-doc&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/pdns&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/pdns&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/pdns&distro=SUSE%20Package%20Hub%2012%20SP1pkg:rpm/suse/pdns&distro=SUSE%20Package%20Hub%2015pkg:rpm/suse/pdns-recursor&distro=SUSE%20Package%20Hub%2012%20SP1pkg:rpm/suse/pdns-recursor&distro=SUSE%20Package%20Hub%2015pkg:rpm/suse/py26-compat-salt&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/python-amqp&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/python-amqp&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/python-amqp&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/rubygem-puma&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/spacecmd&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/spacewalk-branding&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/spacewalk-java&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/spacewalk-utils&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/spacewalk-web&distro=SUSE%20Manager%20Proxy%203.1pkg:rpm/suse/spacewalk-web&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/subscription-matcher&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/susemanager&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/susemanager-docs_en&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/susemanager-frontend-libs&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/susemanager-schema&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/tika-core&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/venv-openstack-aodh&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-aodh&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-barbican&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-barbican&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-ceilometer&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-ceilometer&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-cinder&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-cinder&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-designate&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-designate&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-freezer&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-freezer&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-glance&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-glance&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-heat&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-heat&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-ironic&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-ironic&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-keystone&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-keystone&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-magnum&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-magnum&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-manila&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-manila&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-monasca-ceilometer&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-monasca-ceilometer&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-murano&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-murano&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-neutron&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-neutron&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-nova&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-nova&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-octavia&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-octavia&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-sahara&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-sahara&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-trove&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-trove&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/zookeeper&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/zookeeper&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/zookeeper&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208
< 4.5.1-1.5+ 125 more
- (no CPE)range: < 4.5.1-1.5
- (no CPE)range: < 4.5.5-1.3
- (no CPE)range: < 8.0+git.1583432621.24fa60e-3.70.1
- (no CPE)range: < 8.0+git.1583432621.24fa60e-3.70.1
- (no CPE)range: < 8.0+git.1585152761.8ef3d61-4.33.1
- (no CPE)range: < 8.0+git.1585152761.8ef3d61-4.33.1
- (no CPE)range: < 8.0+git.1583944923.03cca6c-3.31.1
- (no CPE)range: < 8.0+git.1583944923.03cca6c-3.31.1
- (no CPE)range: < 8.0+git.1583944894.38f023a-3.24.1
- (no CPE)range: < 8.0+git.1583944894.38f023a-3.24.1
- (no CPE)range: < 8.0+git.1583944811.dc14403-3.19.1
- (no CPE)range: < 8.0+git.1583944811.dc14403-3.19.1
- (no CPE)range: < 8.0+git.1584715262.e4ea620-3.39.1
- (no CPE)range: < 8.0+git.1584715262.e4ea620-3.39.1
- (no CPE)range: < 8.0+git.1585171918.418f5cf-3.26.1
- (no CPE)range: < 8.0+git.1585171918.418f5cf-3.26.1
- (no CPE)range: < 8.0+git.1585311051.6ab5488-3.33.1
- (no CPE)range: < 8.0+git.1585311051.6ab5488-3.33.1
- (no CPE)range: < 2.6.6-5.25.1
- (no CPE)range: < 5.0+git.1585575551.16781d00d-3.38.1
- (no CPE)range: < 5.0+git.1585316176.344190f-3.32.1
- (no CPE)range: < 5.0+git.1585304226.2164b7895-4.37.1
- (no CPE)range: < 8.20200319-1.23.1
- (no CPE)range: < 8.20200319-1.23.1
- (no CPE)range: < 8.20200319-1.23.1
- (no CPE)range: < 8.20200319-1.23.1
- (no CPE)range: < 8.20200319-1.23.1
- (no CPE)range: < 8.20200319-1.23.1
- (no CPE)range: < 8.20200319-1.23.1
- (no CPE)range: < 8.20200319-1.23.1
- (no CPE)range: < 8.20200319-1.23.1
- (no CPE)range: < 8.20200319-1.23.1
- (no CPE)range: < 8.20200319-1.23.1
- (no CPE)range: < 8.20200319-1.23.1
- (no CPE)range: < 8.20200319-1.23.1
- (no CPE)range: < 8.20200319-1.23.1
- (no CPE)range: < 8.20200319-1.23.1
- (no CPE)range: < 8.20200319-1.23.1
- (no CPE)range: < 8.20200319-1.23.1
- (no CPE)range: < 8.20200319-1.23.1
- (no CPE)range: < 8.20200319-1.23.1
- (no CPE)range: < 1.5.17-3.3.1
- (no CPE)range: < 1.5.17-3.3.1
- (no CPE)range: < 1.5.17-3.3.1
- (no CPE)range: < 5.1.1~dev5-3.26.2
- (no CPE)range: < 5.1.1~dev5-3.26.2
- (no CPE)range: < 5.1.1~dev5-3.26.2
- (no CPE)range: < 5.1.1~dev5-3.26.1
- (no CPE)range: < 5.1.1~dev5-3.26.1
- (no CPE)range: < 5.1.1~dev5-3.26.1
- (no CPE)range: < 11.0.9~dev63-3.30.2
- (no CPE)range: < 11.0.9~dev63-3.30.2
- (no CPE)range: < 11.0.9~dev63-3.30.2
- (no CPE)range: < 11.0.9~dev63-3.30.1
- (no CPE)range: < 11.0.9~dev63-3.30.1
- (no CPE)range: < 11.0.9~dev63-3.30.1
- (no CPE)range: < 16.1.9~dev61-3.35.2
- (no CPE)range: < 16.1.9~dev61-3.35.2
- (no CPE)range: < 16.1.9~dev61-3.35.2
- (no CPE)range: < 16.1.9~dev61-3.35.1
- (no CPE)range: < 16.1.9~dev61-3.35.1
- (no CPE)range: < 16.1.9~dev61-3.35.1
- (no CPE)range: < 4.1.2-3.6.1
- (no CPE)range: < 4.1.2-3.6.1
- (no CPE)range: < 4.1.5-14.1
- (no CPE)range: < 4.1.2-bp150.2.3.1
- (no CPE)range: < 4.1.8-13.1
- (no CPE)range: < 4.1.2-bp150.2.3.1
- (no CPE)range: < 2016.11.10-1.19.3
- (no CPE)range: < 2.4.2-3.9.1
- (no CPE)range: < 2.4.2-3.9.1
- (no CPE)range: < 2.4.2-3.9.1
- (no CPE)range: < 2.16.0-3.6.1
- (no CPE)range: < 2.7.8.15-2.32.1
- (no CPE)range: < 2.7.2.17-2.31.3
- (no CPE)range: < 2.7.46.19-2.41.3
- (no CPE)range: < 2.7.10.11-2.23.3
- (no CPE)range: < 2.7.1.21-2.35.1
- (no CPE)range: < 2.7.1.21-2.35.1
- (no CPE)range: < 0.22-4.9.2
- (no CPE)range: < 3.1.19-2.34.2
- (no CPE)range: < 3.1-10.29.4
- (no CPE)range: < 3.1.2-3.10.1
- (no CPE)range: < 3.1.21-2.36.1
- (no CPE)range: < 1.20-1.6.2
- (no CPE)range: < 5.1.1~dev7-12.24.1
- (no CPE)range: < 5.1.1~dev7-12.24.1
- (no CPE)range: < 5.0.2~dev3-12.25.1
- (no CPE)range: < 5.0.2~dev3-12.25.1
- (no CPE)range: < 9.0.8~dev7-12.22.1
- (no CPE)range: < 9.0.8~dev7-12.22.1
- (no CPE)range: < 11.2.3~dev23-14.25.1
- (no CPE)range: < 11.2.3~dev23-14.25.1
- (no CPE)range: < 5.0.3~dev7-12.23.1
- (no CPE)range: < 5.0.3~dev7-12.23.1
- (no CPE)range: < 5.0.0.0~xrc2~dev2-10.20.1
- (no CPE)range: < 5.0.0.0~xrc2~dev2-10.20.1
- (no CPE)range: < 15.0.3~dev3-12.23.1
- (no CPE)range: < 15.0.3~dev3-12.23.1
- (no CPE)range: < 9.0.8~dev22-12.25.1
- (no CPE)range: < 9.0.8~dev22-12.25.1
- (no CPE)range: < 9.1.8~dev8-12.25.1
- (no CPE)range: < 9.1.8~dev8-12.25.1
- (no CPE)range: < 12.0.4~dev5-11.26.1
- (no CPE)range: < 12.0.4~dev5-11.26.1
- (no CPE)range: < 5.0.2_5.0.2_5.0.2~dev31-11.24.1
- (no CPE)range: < 5.0.2_5.0.2_5.0.2~dev31-11.24.1
- (no CPE)range: < 5.1.1~dev5-12.29.1
- (no CPE)range: < 5.1.1~dev5-12.29.1
- (no CPE)range: < 1.5.1_1.5.1_1.5.1~dev3-8.20.1
- (no CPE)range: < 1.5.1_1.5.1_1.5.1~dev3-8.20.1
- (no CPE)range: < 4.0.2~dev2-12.20.1
- (no CPE)range: < 4.0.2~dev2-12.20.1
- (no CPE)range: < 11.0.9~dev63-13.28.1
- (no CPE)range: < 11.0.9~dev63-13.28.1
- (no CPE)range: < 16.1.9~dev61-11.26.1
- (no CPE)range: < 16.1.9~dev61-11.26.1
- (no CPE)range: < 1.0.6~dev3-12.25.1
- (no CPE)range: < 1.0.6~dev3-12.25.1
- (no CPE)range: < 7.0.5~dev4-11.24.1
- (no CPE)range: < 7.0.5~dev4-11.24.1
- (no CPE)range: < 8.0.2~dev2-11.24.1
- (no CPE)range: < 8.0.2~dev2-11.24.1
- (no CPE)range: < 3.4.10-3.6.1
- (no CPE)range: < 3.4.10-3.6.1
- (no CPE)range: < 3.4.10-3.6.1
- Range: 3.2 to 4.1.4, excluding 4.1.5 and 4.0.9
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- bugzilla.redhat.com/show_bug.cgimitrex_refsource_CONFIRM
- doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2018-03.htmlmitrex_refsource_CONFIRM
- doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-04.htmlmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.