PowerDNS Security Advisory 2015-03

Nov 9, 2015
  • CVE: CVE-2015-5311
  • Date: November 9th 2015
  • Credit: Christian Hofstaedtler of Deduktiva GmbH
  • Affects: PowerDNS Authoritative Server 3.4.4 through 3.4.6
  • Not affected: PowerDNS Authoritative Server 3.3.x and 3.4.7 and up
  • Severity: High
  • Impact: Degraded service or Denial of service
  • Exploit: This problem can be triggered by sending specially crafted query packets
  • Risk of system compromise: No
  • Solution: Upgrade to a non-affected version
  • Workaround: run the process inside the guardian or inside a supervisor

A bug was found in our packet parsing code using afl-fuzz. When exploited, this bug causes an assertion error and the consequent termination of the pdns_server process, resulting in a Denial of Service.

When the PowerDNS Authoritative Server is run inside the guardian (--guardian), or inside a supervisor like supervisord or systemd, it will be automatically restarted, limiting the impact to a somewhat degraded service.

PowerDNS Authoritative Server 3.4.4 – 3.4.6 are affected. No other versions are affected. The PowerDNS Recursor is not affected.

PowerDNS Authoritative Server 3.4.7 contains a fix to this issue. A minimal patch is available here.
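A triage check for the version ranges stated above, as an added example that is not part of the original advisory or of PowerDNS itself. It assumes an inventory of `host version` lines on stdin; the function names, hostnames and sample versions are constructed for illustration.

```shell
#!/bin/sh
# Classify PowerDNS Authoritative Server versions against this advisory
# (affected: 3.4.4 through 3.4.6; no other versions are affected).

# Print "affected", "not-affected" or "unknown" for one version string.
pdns_2015_03_status() {
    # Keep only the leading dotted-numeric part, so a package-style string
    # such as "3.4.5-1+deb8u1" reduces to "3.4.5". Assumption: a package
    # with a backported fix still reports its upstream number, so treat
    # "affected" on a distribution package as "verify with the vendor".
    v=$(printf '%s' "$1" |
        sed -n 's/^\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/p')
    [ -n "$v" ] || { echo unknown; return 0; }

    major=${v%%.*}
    rest=${v#*.}
    minor=${rest%%.*}
    patch=${rest#*.}

    # Compare numerically, field by field. A plain string comparison would
    # sort "3.4.10" before "3.4.4" and wrongly flag it as affected.
    if [ "$major" -eq 3 ] && [ "$minor" -eq 4 ] &&
       [ "$patch" -ge 4 ] && [ "$patch" -le 6 ]; then
        echo affected
    else
        echo not-affected
    fi
}

# Read "host version" pairs on stdin; print hosts that need attention.
pdns_2015_03_triage() {
    while read -r host version; do
        [ -n "$host" ] || continue
        status=$(pdns_2015_03_status "$version")
        [ "$status" = not-affected ] ||
            printf '%s %s %s\n' "$host" "$version" "$status"
    done
}

# Constructed sample inventory (hostnames and versions are made up).
pdns_2015_03_triage <<'EOF'
ns1.example.net 3.4.6
ns2.example.net 3.4.10
ns3.example.net 3.4.5-1+deb8u1
ns4.example.net 3.3.3
ns5.example.net unknown-build
EOF
```

Hosts reported as `unknown` have a version string the check could not parse and need a manual look.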

This issue is unrelated to the issues in our previous two Security Announcements (2015-01 and 2015-02).

We’d like to thank Christian Hofstaedtler of Deduktiva GmbH for finding and reporting this issue.

About the author

Pieter Lexis

Senior Developer at PowerDNS
