Headline
CVE-2022-40188: release 5.5.3 (!1343) · Merge requests · Knot projects / Knot Resolver · GitLab
Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service (CPU consumption) because of algorithmic complexity. During an attack, an authoritative server must return large NS sets or address sets.
Merged requested to merge release-5.5.3 into master Sep 21, 2022
Related news
Ubuntu Security Notice USN-6225-1
Ubuntu Security Notice 6225-1 - It was discovered that Knot Resolver did not correctly handle certain client options. A remote attacker could send requests to malicious domains and cause a denial of service.