PowerDNS Security Advisory 2015-02

A bug was recently found in our DNS packet parsing/generation code which, when exploited, can crash individual threads (disabling service) or whole processes (allowing a supervisor to restart them) with just one or a few query packets.

  • CVE: CVE-2015-5230
  • Date: 2nd of September 2015
  • Credit: Pyry Hakulinen and Ashish Shakla at Automattic
  • Affects: PowerDNS Authoritative Server 3.4.0 through 3.4.5
  • Not affected: PowerDNS Authoritative Server 3.4.6
  • Severity: High
  • Impact: Degraded service or Denial of service
  • Exploit: This problem can be triggered by sending specially crafted query packets
  • Risk of system compromise: No
  • Solution: Upgrade to a non-affected version
  • Workaround: Run the Authoritative Server inside a supervisor when `distributor-threads` is set to `1` to prevent Denial of Service. No workaround for the degraded service exists

PowerDNS Authoritative Server 3.4.0-3.4.5 are affected. No other versions are affected. The PowerDNS Recursor is not affected.

PowerDNS Authoritative Server 3.4.6 contains a fix to this issue. A minimal patch is available.

This issue is entirely unrelated to Security Advisory 2015-01/CVE-2015-1868.

We’d like to thank Pyry Hakulinen and Ashish Shakla at Automattic for finding and subsequently reporting this bug.
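A triage check for the affected range and the workaround condition listed above, as an added example that is not part of the original advisory or of PowerDNS itself. The function names, the sample configuration and the `default_threads` value of 3 (used when a config omits `distributor-threads`) are assumptions.

```python
import re

# Affected range as stated in the advisory: 3.4.0 through 3.4.5 (fixed in 3.4.6).
# Only the upstream x.y.z is compared; distribution packages may carry backported fixes.
AFFECTED_MIN = (3, 4, 0)
AFFECTED_MAX = (3, 4, 5)

# Constructed sample configuration, not taken from a real server.
SAMPLE_CONF = "launch=gmysql\n# distributor-threads=3\ndistributor-threads=1\n"


def parse_version(text):
    """Return the leading upstream x.y.z of a version string as a tuple."""
    m = re.match(r"\s*(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(p) for p in m.groups())


def read_setting(conf_text, key, default=None):
    """Read key from pdns.conf-style text (key=value, '#' comments); last one wins."""
    value = default
    for line in conf_text.splitlines():
        line = line.split("#", 1)[0].strip()
        name, sep, val = line.partition("=")
        if sep and name.strip() == key:
            value = val.strip()
    return value


def triage(version, conf_text, default_threads=3):
    """Map a server's version and config onto the advisory's guidance."""
    # default_threads is an assumption for configs that do not set
    # distributor-threads; pass the default of your build.
    if not AFFECTED_MIN <= parse_version(version) <= AFFECTED_MAX:
        return "not-affected"
    threads = int(read_setting(conf_text, "distributor-threads", default_threads))
    if threads == 1:
        # Advisory workaround: a supervisor restarts the crashed process.
        return "affected: upgrade; run under a supervisor until then"
    # Advisory: no workaround exists for the degraded service.
    return "affected: upgrade; no workaround"


if __name__ == "__main__":
    for v in ("3.4.3", "3.4.6"):
        print(v, "->", triage(v, SAMPLE_CONF))
```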
