CVE-2026-24030
Last modified
CVE-2026-24030 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. An attacker might be able to trick DNSdist into allocating too much memory while processing DNS over QUIC or DNS over HTTP/3 payloads, resulting in a denial of service. In setups with a large quantity of memory available this usually results in an exception and the QUIC connection is properly closed, but in some cases the system might enter an out-of-memory state instead and terminate the process.. EPSS estimates a 0.54% chance of exploitation in the next 30 days.
Description
An attacker might be able to trick DNSdist into allocating too much memory while processing DNS over QUIC or DNS over HTTP/3 payloads, resulting in a denial of service. In setups with a large quantity of memory available this usually results in an exception and the QUIC connection is properly closed, but in some cases the system might enter an out-of-memory state instead and terminate the process.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Powerdns | Dnsdist | >= 1.9.0, < 1.9.12 |
| Powerdns | Dnsdist | >= 2.0.0, < 2.0.3 |
References
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2026-24030?
How severe is CVE-2026-24030?
How do I fix CVE-2026-24030?
Are you affected by CVE-2026-24030?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST