CVE-2018-10851
Summary
| CVE | CVE-2018-10851 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2018-11-29 18:29:00 UTC |
|---|
| Updated | 2019-10-09 23:33:00 UTC |
|---|
| Description | PowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding 4.1.5 and 4.0.6, and PowerDNS Recursor 3.2 up to 4.1.4 excluding 4.1.5 and 4.0.9, are vulnerable to a memory leak while parsing malformed records that can lead to remote denial of service. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| PowerDNS Security Advisory 2018-03: Crafted zone record can cause a denial of service — PowerDNS Authoritative Server documentation |
CONFIRM |
doc.powerdns.com |
Vendor Advisory |
| PowerDNS Security Advisory 2018-04: Crafted answer can cause a denial of service — PowerDNS Recursor documentation |
CONFIRM |
doc.powerdns.com |
Vendor Advisory |
| 1588185 – (CVE-2018-10851) CVE-2018-10851 pdns: Memory leak while parsing malformed records |
CONFIRM |
bugzilla.redhat.com |
Issue Tracking, Third Party Advisory |
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 501112 Alpine Linux Security Update for pdns-recursor
- 501121 Alpine Linux Security Update for pdns
- 690653 Free Berkeley Software Distribution (FreeBSD) Security Update for powerdns-recursor (e9aa0e4c-ea8b-11e8-a5b7-00e04c1ea73d)
