DNS Server Vulnerability in CoreDNS Affecting Plugin Functionality
CVE-2025-58063
What is CVE-2025-58063?
CVE-2025-58063 is a vulnerability in CoreDNS, an open-source DNS server commonly used to serve DNS queries in cloud-native environments. CoreDNS is extended through plugins. This vulnerability affects the etcd plugin, which integrates CoreDNS with etcd, a distributed key-value store used for configuration and service discovery. The flaw is in how the plugin derives Time-To-Live (TTL) values: in some versions, etcd lease IDs are erroneously treated as TTLs. This can lead to DNS cache pinning attacks, causing denial-of-service (DoS) conditions for affected services. Organizations relying on CoreDNS for DNS resolution may therefore experience significant disruptions to service availability and operations.
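The lease-ID-as-TTL confusion described above, shown as an added Go example that is not CoreDNS's own code. The record type, the map standing in for a lease lookup, the 3600-second cap and the sample lease ID are assumptions constructed for illustration.

```go
package main

import "fmt"

// record is a constructed stand-in for an etcd key-value entry. Lease is the
// opaque 64-bit lease ID attached to the key; it is an identifier, not seconds.
type record struct {
	Key   string
	Lease int64
}

const maxTTL = 3600 // assumed upper bound for served TTLs, in seconds

// flawedTTL shows the bug class: the lease ID is cast straight to a TTL, so
// the answer carries whatever the low 32 bits of the ID happen to be.
func flawedTTL(r record) uint32 { return uint32(r.Lease) }

// safeTTL uses the lease's remaining lifetime instead. remaining stands in for
// a lease lookup (lease ID -> seconds left); def is the configured default.
func safeTTL(r record, remaining map[int64]int64, def uint32) uint32 {
	if r.Lease == 0 {
		return def // key has no lease attached
	}
	secs, ok := remaining[r.Lease]
	if !ok || secs <= 0 {
		return def // unknown or expired lease: never fall back to the ID
	}
	if secs > maxTTL {
		return maxTTL // cap so one record cannot pin resolver caches
	}
	return uint32(secs)
}

// pinned reports whether a served TTL exceeds the bound, which is a usable
// check against answers captured from a resolver.
func pinned(ttl uint32) bool { return ttl > maxTTL }

func main() {
	// Constructed sample: a lease ID of realistic shape with 45 seconds left.
	r := record{Key: "/skydns/local/example/web", Lease: 0x694d7c3a8f2a1b0c}
	left := map[int64]int64{r.Lease: 45}
	bad, good := flawedTTL(r), safeTTL(r, left, 300)
	fmt.Printf("flawed ttl=%ds pinned=%v\n", bad, pinned(bad))
	fmt.Printf("safe   ttl=%ds pinned=%v\n", good, pinned(good))
}
```

With the sample ID, the flawed path yields a TTL of decades while the lease itself has 45 seconds left, which is why downstream caches keep the record long after it should have been refreshed.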
Potential impact of CVE-2025-58063
- Denial of Service (DoS): The vulnerability allows attackers to create a situation where DNS resolution for services is hindered, leading to prolonged outages and service degradation.
- Cache Pinning Attacks: Exploiting the vulnerability enables attackers to manipulate DNS caching behaviors, making it difficult to refresh or invalidate DNS records, which could create confusion or direct traffic to malicious endpoints.
- Operational Disruption: Organizations may face significant operational challenges as core services become unreachable, leading to potential revenue loss and damage to reputation as clients and users experience issues accessing services.

Affected Version(s)
coredns >= 1.2.0, < 1.12.4
