Security Advisory Description
By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources. (CVE-2022-38178)
Impact
DNS resolution is disrupted while the namedprocess restarts. This vulnerability allows a remote unauthenticated attacker to cause a denial-of-service (DoS) on the namedprocess.