CVE-2024-25581
CVSS V2 None
CVSS V3 None
Description
When incoming DNS over HTTPS support is enabled using the nghttp2 provider, and queries are routed to a tcp-only or DNS over TLS backend, an attacker can trigger an assertion failure in DNSdist by sending a request for a zone transfer (AXFR or IXFR) over DNS over HTTPS, causing the process to stop and thus leading to a Denial of Service. DNS over HTTPS is not enabled by default, and backends are using plain DNS (Do53) by default.
Overview
- CVE ID
- CVE-2024-25581
- Assigner
- OX
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-05-13T11:49:24.500Z
- Last Modified Date
- 2024-05-13T11:49:24.500Z
Weakness Enumerations
References
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-25581 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25581 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-06-26 12:37:15 | Added to TrackCVE |