Resource Consumption Vulnerability in Knot Resolver by CZ.NIC

CVE-2023-26249

What is CVE-2023-26249?

The flaw in Knot Resolver versions prior to 5.6.0 allows malicious clients to exploit resource management vulnerabilities, leading to amplification attacks. A typical scenario involves a single client query that instigates multiple TCP connection attempts when a DNS server fails to respond appropriately. This behavior can be harnessed to consume significant system resources and potentially disrupt service availability.

References