CVE-2025-1673

A malicious or malformed DNS packet without a payload can cause an out-of-bounds read, resulting in a crash (denial of service) or an incorrect computation.

CVE-2025-1674

A lack of input validation allows for out of bounds reads caused by malicious or malformed packets.

CVE-2025-1675

The function dns_copy_qname in dns_pack.c performs performs a memcpy operation with an untrusted field and does not check if the source buffer is large enough to contain the copied data.