VDB
MAGEIA-2017-36
MAGEIA-2017-36
PUBLISHED
Florian Heinz and Martin Kluge reported that pdns-recursor parses all records present in a query regardless of whether they are needed or even legitimate, allowing a remote, unauthenticated attacker to cause an abnormal CPU usage load on the pdns server, resulting in a partial denial of service if the system becomes overloaded (CVE-2016-7068).
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mageia | pdns-recursor | 0, 3.6.4-1.1.mga5, 0 |
| Mageia | libfm | 0, 1.2.5-3.1.mga6 |
Timeline
- Feb 2, 2017 CVE Updated
- Feb 2, 2017 CVE Published
- Mar 17, 2026 Distribution Patch
- Mar 17, 2026 Security Advisory
References
- Updated pdns-recursor packages fix security vulnerability advisory
- Updated pdns-recursor packages fix security vulnerability issue
- Updated pdns-recursor packages fix security vulnerability issue
- Updated pdns-recursor packages fix security vulnerability advisory
- Updated libfm packages fix PcManFM context menu Compress option advisory
- Updated libfm packages fix PcManFM context menu Compress option issue