powerdns-recursor: denial of service

ID ASA-201504-27
Type archlinux
Reporter Arch Linux
Modified 2015-04-24T00:00:00


A bug was discovered in our label decompression code, making it possible for names to refer to themselves, thus causing a loop during decompression. This loop is capped at a 1000 iterations by a failsafe, making the issue harmless on most platforms. However, on specific platforms, the recursion involved in these 1000 steps causes memory corruption leading to a quick crash, presumably because the default stack is too small.