CVE-2023-26249

2023-02-2102:15:10

Debian Security Bug Tracker

security-tracker.debian.org

knot resolver

resource consumption

amplification attacks

denial of service

tcp connection

dns server

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

39.0%

JSON

Knot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification attacks and potentially causing a denial of service. Specifically, a single client query may lead to a hundred TCP connection attempts if a DNS server closes connections without providing a response.

OSVersionArchitecturePackageVersionFilename
Debian12allknot-resolver< 5.6.0-1knot-resolver_5.6.0-1_all.deb
Debian11allknot-resolver<= 5.3.1-1+deb11u1knot-resolver_5.3.1-1+deb11u1_all.deb
Debian999allknot-resolver< 5.6.0-1knot-resolver_5.6.0-1_all.deb
Debian13allknot-resolver< 5.6.0-1knot-resolver_5.6.0-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	knot-resolver	< 5.6.0-1	knot-resolver_5.6.0-1_all.deb
Debian	11	all	knot-resolver	<= 5.3.1-1+deb11u1	knot-resolver_5.3.1-1+deb11u1_all.deb
Debian	999	all	knot-resolver	< 5.6.0-1	knot-resolver_5.6.0-1_all.deb
Debian	13	all	knot-resolver	< 5.6.0-1	knot-resolver_5.6.0-1_all.deb