Out-of-Bounds Memory Read Vulnerability in PowerDNS Recursor
CVE-2018-16855

7.5HIGH

Key Information:

Vendor: [unknown]
Status: Pdns-recursor
Vendor: CVE Published:; 3 December 2018

What is CVE-2018-16855?

A vulnerability exists in PowerDNS Recursor versions prior to 4.1.8 that allows a remote attacker to exploit an out-of-bounds memory read while processing DNS queries. This issue occurs when the system computes a hash for packet cache lookups, potentially leading to a crash. It is crucial for users of affected versions to update to the latest releases to mitigate potential security risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

pdns-recursor 4.1.8

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16855

x_refsource_CONFIRM

https://docs.powerdns.com/recursor/security-advisories/po...

x_refsource_MISC

EPSS Score

19% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 3, 2018
Vulnerability Reserved
Sep 11, 2018

JSON

[unknown]

What is CVE-2018-16855?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

EPSS Score

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.