PowerDNS Recursor up to and including 4.5.9, 4.6.2 and 4.7.1, when protobuf logging is enabled, has Improper Cleanup upon a Thrown Exception, leading to a denial of service (daemon crash) via a DNS query that leads to an answer with specific properties.
References
Configurations
History
07 Nov 2023, 03:49
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
29 Oct 2022, 02:52
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:* | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FXSREJKTT6RNE3GXQENQ4R4HS37UNSPX/ - Mailing List, Third Party Advisory | |
First Time |
Fedoraproject
Fedoraproject fedora |
01 Sep 2022, 12:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
26 Aug 2022, 20:38
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-459 | |
First Time |
Powerdns recursor
Powerdns |
|
CPE | cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:* | |
References | (MISC) https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2022-02.html - Vendor Advisory | |
References | (MISC) https://docs.powerdns.com/recursor/lua-config/protobuf.html - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
23 Aug 2022, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-08-23 17:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-37428
Mitre link : CVE-2022-37428
CVE.ORG link : CVE-2022-37428
JSON object : View
Products Affected
fedoraproject
- fedora
powerdns
- recursor
CWE
CWE-459
Incomplete Cleanup