CVE-2018-16855 log

Source
Severity Medium
Remote Yes
Type Denial of service
Description
An issue has been found in PowerDNS Recursor versions from 4.1.0 up to and including 4.1.7, where a remote attacker sending a DNS query can trigger an out-of-bounds memory read while computing the hash of the query for a packet cache lookup, possibly leading to a crash.
Group Package Affected Fixed Severity Status Ticket
AVG-821 powerdns-recursor 4.1.7-1 4.1.8-1 Medium Fixed
Date Advisory Group Package Severity Type
28 Nov 2018 ASA-201811-21 AVG-821 powerdns-recursor Medium denial of service
References
https://seclists.org/oss-sec/2018/q4/183
https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-09.html
https://github.com/PowerDNS/pdns/commit/e412a949491886c13854587bbd06fa90ceb3a326