Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Aardvark-dns has incorrect error handling for malformed tcp packets
Vulnerability Description
Aardvark-dns is an authoritative dns server for A/AAAA container records. From 1.16.0 to 1.17.0, a truncated TCP DNS query followed by a connection reset causes aardvark-dns to enter an unrecoverable infinite error loop at 100% CPU. This vulnerability is fixed in 1.17.1.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Vulnerability Title
Aardvark-dns 资源管理错误漏洞
Vulnerability Description
Aardvark-dns是Containers开源的一个 dns 服务器。 Aardvark-dns 1.16.0至1.17.0版本存在资源管理错误漏洞,该漏洞源于被截断的TCP DNS查询和连接重置可能导致aardvark-dns进入不可恢复的无限错误循环,造成100% CPU占用。
CVSS Information
N/A
Vulnerability Type
N/A