Medium severity5.3NVD Advisory· Published Mar 31, 2026· Updated Apr 14, 2026
CVE-2026-24030
CVE-2026-24030
Description
An attacker might be able to trick DNSdist into allocating too much memory while processing DNS over QUIC or DNS over HTTP/3 payloads, resulting in a denial of service. In setups with a large quantity of memory available this usually results in an exception and the QUIC connection is properly closed, but in some cases the system might enter an out-of-memory state instead and terminate the process.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- osv-coords2 versionspkg:rpm/opensuse/dnsdist&distro=openSUSE%20Tumbleweedpkg:rpm/suse/dnsdist&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7
< 2.0.3-1.1+ 1 more
- (no CPE)range: < 2.0.3-1.1
- (no CPE)range: < 1.9.12-150700.3.9.1
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.