An issue has been found in the DNSSEC parsing code of...
Moderate severity
Unreviewed
Published
May 13, 2022
to the GitHub Advisory Database
•
Updated Feb 1, 2023
Description
Published by the National Vulnerability Database
Jan 23, 2018
Published to the GitHub Advisory Database
May 13, 2022
Last updated
Feb 1, 2023
An issue has been found in the DNSSEC parsing code of PowerDNS Recursor from 4.0.0 up to and including 4.0.6 leading to a memory leak when parsing specially crafted DNSSEC ECDSA keys. These keys are only parsed when validation is enabled by setting dnssec to a value other than off or process-no-validate (default).
References