K000159016: PowerDNS vulnerability CVE-2025-59029

Security Advisory Description An attacker can trigger an assertion failure by requesting crafted DNS records, waiting for them to be inserted into the records cache, then send a query with qtype set to ANY. CVE-2025-59029 Impact There is no impact; F5 products are not affected by this...

CVE-2025-59029 Internal logic flaw in cache management can lead to a denial of service in PowerDNS Recursor

An attacker can trigger an assertion failure by requesting crafted DNS records, waiting for them to be inserted into the records cache, then send a query with qtype set to ANY...

bind security update

32:9.11.36-16.4 - Change patches applying to use -P parameter 32:9.11.36-16.3 - Limit additional section records CPU processing CVE-2024-11187 - Correct ANY queries to not have additional data appended...

SUSE CVE-2019-9022

An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2. dnsgetrecord misparses a DNS response, which can allow a hostile DNS server to cause PHP to misuse memcpy, leading to read operations going past the buffer allocated for DNS data. This affects phpparser...

USN-3172-1 bind9 vulnerabilities

It was discovered that Bind incorrectly handled certain malformed responses to an ANY query. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. CVE-2016-9131 It was discovered that Bind incorrectly handled certain malformed responses to an AN...

Microsoft DNS Server Validation Spoofing (MS09-008) - High Confidence (CVE-2009-0234)

A weakness exists in Microsoft DNS server implementation. The problem is caused by improper handling of negative results for DNS ANY queries. Remote attackers could exploit this vulnerability by sending numerous ANY queries to the target server, followed by malicious responses to the same server...