Description

In some circumstances, when DNSdist is configured to allow an unlimited number of queries on a single, incoming TCP connection from a client, an attacker can cause a denial of service by crafting a TCP exchange that triggers an exhaustion of the stack and a crash of DNSdist, causing a denial of service. The remedy is: upgrade to the patched 1.9.10 version. A workaround is to restrict the maximum number of queries on incoming TCP connections to a safe value, like 50, via the setMaxTCPQueriesPerConnection setting. We would like to thank Renaud Allard for bringing this issue to our attention.

INFO

Published Date :

2025-05-20T11:17:17.378Z

Last Modified :

2025-05-20T13:16:34.707Z

Source :

OX
AFFECTED PRODUCTS

The following products are affected by CVE-2025-30193 vulnerability.

Vendors Products
Powerdns
  • Dnsdist
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-30193.

URL Resource
https://dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2025-03.html cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact