CVE-2026-24028

A flaw was found in dnsdist and PowerDNS when custom Lua code uses newDNSPacketOverlay to parse DNS packets. A remote attacker could exploit this by sending a specially crafted DNS response packet, leading to an out-of-bounds read. This vulnerability might cause a system crash, resulting in a...

CVE-2026-24028

An attacker might be able to trigger an out-of-bounds read by sending a crafted DNS response packet, when custom Lua code uses newDNSPacketOverlay to parse DNS packets. The out-of-bounds read might trigger a crash, leading to a denial of service, or access unrelated memory, leading to potential...

CVE-2026-24028

An attacker might be able to trigger an out-of-bounds read by sending a crafted DNS response packet, when custom Lua code uses newDNSPacketOverlay to parse DNS packets. The out-of-bounds read might trigger a crash, leading to a denial of service, or access unrelated memory, leading to potential...

PowerDNS DNSdist 安全漏洞

PowerDNS DNSdist is a proxy software provided by PowerDNS, which offers capabilities for DNS traffic load balancing and security protection. PowerDNS DNSdist has a security vulnerability that stems from the use of newDNSPacketOverlay to parse DNS packets, leading to out-of-bounds read operations...

PT-2026-29243

Name of the Vulnerable Software and Affected Versions Versions prior to 2026 affected versions not specified Description An attacker could potentially trigger an out-of-bounds read by sending a specially crafted DNS response packet. This occurs when custom Lua code utilizes the newDNSPacketOverla...