Denial of Service Vulnerability in Knot Resolver by CZ.NIC
CVE-2018-1110

7.5HIGH

Key Information:

Vendor: Nic
Status: Knot-resolver
Vendor: CVE Published:; 30 March 2021

What is CVE-2018-1110?

A vulnerability exists in Knot Resolver prior to version 2.3.0 that allows an attacker to exploit malformed DNS messages. This flaw can lead to a denial of service, potentially disrupting the functionality of DNS resolution and impacting users who rely on the service for network connectivity. It is crucial for users to update to the latest version to mitigate risks associated with this vulnerability.

Affected Version(s)

knot-resolver Knot Resolver 2.3.0

References

https://bugzilla.redhat.com/show_bug.cgi?id=1944328

x_refsource_MISC

https://www.knot-resolver.cz/2018-04-23-knot-resolver-2.3...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 30, 2021
Vulnerability Reserved
Dec 4, 2017

CVE-2018-1110 Data

JSON

Nic

What is CVE-2018-1110?

Affected Version(s)

References

CVSS V3.1

Timeline