Denial of Service Vulnerability in PowerDNS Recursor by PowerDNS
CVE-2025-30195

7.5HIGH

Key Information:

Vendor: Powerdns
Status: Recursor
Vendor: CVE Published:; 7 April 2025

Summary

A vulnerability exists in PowerDNS Recursor wherein an attacker may exploit it by publishing a zone with specific Resource Record Sets. This exploitation can trigger illegal memory accesses, which can result in the Recursor crashing. Consequently, this leads to a denial of service condition. To mitigate this vulnerability, users are advised to upgrade to the patched version 5.2.1. We acknowledge Volodymyr Ilyin for his contribution in identifying this issue.

Affected Version(s)

Recursor 5.2.0

References

https://docs.powerdns.com/recursor/security-advisories/po...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 7, 2025
Vulnerability Reserved
Mar 18, 2025

Credit

Volodymyr Ilyin