Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

1 – 10 of 13 results

CVE-2023-50868

Medium priority

Some fixes available 20 of 42

The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random...

7 affected packages

bind9, bind9-libs, dnsmasq, isc-dhcp, knot-resolver...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
bind9 Fixed Fixed Fixed Fixed Fixed
bind9-libs Not in release Needs evaluation Needs evaluation Not in release Not in release
dnsmasq Fixed Fixed Fixed Fixed Fixed
isc-dhcp Needs evaluation Not affected Not affected Needs evaluation Not affected
knot-resolver Vulnerable Needs evaluation Needs evaluation Needs evaluation Needs evaluation
pdns-recursor Vulnerable Needs evaluation Needs evaluation Needs evaluation Needs evaluation
unbound Fixed Fixed Fixed Needs evaluation Needs evaluation
Show all 7 packages Show less packages

CVE-2023-50387

Medium priority

Some fixes available 20 of 42

Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of...

7 affected packages

bind9, bind9-libs, dnsmasq, isc-dhcp, knot-resolver...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
bind9 Fixed Fixed Fixed Fixed Fixed
bind9-libs Not in release Needs evaluation Needs evaluation Not in release Not in release
dnsmasq Fixed Fixed Fixed Fixed Fixed
isc-dhcp Needs evaluation Not affected Not affected Needs evaluation Not affected
knot-resolver Vulnerable Needs evaluation Needs evaluation Needs evaluation Needs evaluation
pdns-recursor Vulnerable Needs evaluation Needs evaluation Needs evaluation Needs evaluation
unbound Fixed Fixed Fixed Needs evaluation Needs evaluation
Show all 7 packages Show less packages

CVE-2023-46317

Medium priority
Needs evaluation

Knot Resolver before 5.7.0 performs many TCP reconnections upon receiving certain nonsensical responses from servers.

1 affected packages

knot-resolver

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
knot-resolver Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2023-26249

Medium priority
Vulnerable

Knot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification attacks and potentially causing a denial of service. Specifically, a single client query may lead to a hundred TCP connection attempts...

1 affected packages

knot-resolver

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
knot-resolver Not affected Vulnerable Vulnerable Vulnerable Vulnerable
Show less packages

CVE-2022-40188

Medium priority
Fixed

Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service (CPU consumption) because of algorithmic complexity. During an attack, an authoritative server must return large NS sets or address sets.

1 affected packages

knot-resolver

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
knot-resolver Fixed Fixed Fixed Fixed
Show less packages

CVE-2022-32983

Medium priority
Vulnerable

Knot Resolver through 5.5.1 may allow DNS cache poisoning when there is an attempt to limit forwarding actions by filters.

1 affected packages

knot-resolver

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
knot-resolver Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
Show less packages

CVE-2021-40083

Medium priority
Ignored

Knot Resolver before 5.3.2 is prone to an assertion failure, triggerable by a remote attacker in an edge case (NSEC3 with too many iterations used for a positive wildcard proof).

1 affected packages

knot-resolver

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
knot-resolver Not affected Not affected Not affected Not affected
Show less packages

CVE-2018-1110

Medium priority
Vulnerable

A flaw was found in knot-resolver before version 2.3.0. Malformed DNS messages may cause denial of service.

1 affected packages

knot-resolver

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
knot-resolver Not affected Not affected Not affected Vulnerable Vulnerable
Show less packages

CVE-2020-12667

Medium priority

Some fixes available 1 of 4

Knot Resolver before 5.1.1 allows traffic amplification via a crafted DNS answer from an attacker-controlled server, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records.

1 affected packages

knot-resolver

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
knot-resolver Not affected Not affected Fixed Vulnerable Vulnerable
Show less packages

CVE-2019-19331

Medium priority

Some fixes available 1 of 8

knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many resource records might be processed very inefficiently, in extreme cases taking even several CPU...

1 affected packages

knot-resolver

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
knot-resolver Not affected Not affected Fixed Vulnerable Vulnerable
Show less packages
  1. Previous page
  2. 1
  3. 2
  4. Next page
Export to JSON