---

CVE-2018-16855 - log back

CVE-2018-16855 created at 25 Sep 2019 19:31:40
Severity	+ Medium
Remote	+ Remote
Type	+ Denial of service
Description	+ An issue has been found in PowerDNS Recursor versions from 4.1.0 up to and including 4.1.7, where a remote attacker sending a DNS query can trigger an out-of-bounds memory read while computing the hash of the query for a packet cache lookup, possibly leading to a crash.
References	+ https://seclists.org/oss-sec/2018/q4/183 + https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-09.html + https://github.com/PowerDNS/pdns/commit/e412a949491886c13854587bbd06fa90ceb3a326
Notes