CVE-2026-24030 (GCVE-0-2026-24030)
Vulnerability from cvelistv5 – Published: 2026-03-31 12:01 – Updated: 2026-03-31 13:14
VLAI
EPSS
Title
Unbounded memory allocation for DoQ and DoH3
Summary
An attacker might be able to trick DNSdist into allocating too much memory while processing DNS over QUIC or DNS over HTTP/3 payloads, resulting in a denial of service. In setups with a large quantity of memory available this usually results in an exception and the QUIC connection is properly closed, but in some cases the system might enter an out-of-memory state instead and terminate the process.
Severity
5.3 (Medium)
CWE
- Uncontrolled Memory Allocation
Assigner
References
1 reference
Impacted products
Date Public
2026-03-30 22:00
Credits
XavLimSG
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24030",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-31T13:14:53.937284Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-789",
"description": "CWE-789 Memory Allocation with Excessive Size Value",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-31T13:14:57.345Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://repo.powerdns.com/",
"defaultStatus": "unaffected",
"modules": [
"Incoming DNS over QUIC",
"Incoming DNS over HTTP/3"
],
"packageName": "dnsdist",
"product": "DNSdist",
"programFiles": [
"doq.cc",
"doh3.cc"
],
"repo": "https://github.com/PowerDNS/pdns",
"vendor": "PowerDNS",
"versions": [
{
"lessThan": "1.9.12",
"status": "affected",
"version": "1.9.0",
"versionType": "semver"
},
{
"lessThan": "2.0.3",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "XavLimSG"
}
],
"datePublic": "2026-03-30T22:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn attacker might be able to trick DNSdist into allocating too much memory while processing DNS over QUIC or DNS over HTTP/3 payloads, resulting in a denial of service. In setups with a large quantity of memory available this usually results in an exception and the QUIC connection is properly closed, but in some cases the system might enter an out-of-memory state instead and terminate the process.\u003c/p\u003e"
}
],
"value": "An attacker might be able to trick DNSdist into allocating too much memory while processing DNS over QUIC or DNS over HTTP/3 payloads, resulting in a denial of service. In setups with a large quantity of memory available this usually results in an exception and the QUIC connection is properly closed, but in some cases the system might enter an out-of-memory state instead and terminate the process."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Uncontrolled Memory Allocation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-31T12:01:00.883Z",
"orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
"shortName": "OX"
},
"references": [
{
"url": "https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-02.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Unbounded memory allocation for DoQ and DoH3",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
"assignerShortName": "OX",
"cveId": "CVE-2026-24030",
"datePublished": "2026-03-31T12:01:00.883Z",
"dateReserved": "2026-01-20T14:56:25.872Z",
"dateUpdated": "2026-03-31T13:14:57.345Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-24030",
"date": "2026-05-28",
"epss": "6e-05",
"percentile": "0.00395"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-24030\",\"sourceIdentifier\":\"security@open-xchange.com\",\"published\":\"2026-03-31T12:16:27.770\",\"lastModified\":\"2026-04-14T16:15:28.823\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An attacker might be able to trick DNSdist into allocating too much memory while processing DNS over QUIC or DNS over HTTP/3 payloads, resulting in a denial of service. In setups with a large quantity of memory available this usually results in an exception and the QUIC connection is properly closed, but in some cases the system might enter an out-of-memory state instead and terminate the process.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@open-xchange.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-789\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:powerdns:dnsdist:*:*:*:*:
*:*:*:*\",\"versionStartIncluding\":\"1.9.0\",\"versionEndExcluding\":\"1.9.12\",\"matchCriteriaId\":\"628B3B94-81DE-496E-B36A-B79A3DFFE1F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:powerdns:dnsdist:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.0.0\",\"versionEndExcluding\":\"2.0.3\",\"matchCriteriaId\":\"9AC850DD-FDD8-4C48-B861-4BBAF423FF57\"}]}]}],\"references\":[{\"url\":\"https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-02.html\",\"source\":\"security@open-xchange.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-24030\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-31T13:14:53.937284Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-789\", \"description\": \"CWE-789 Memory Allocation with Excessive Size Value\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-31T13:14:48.598Z\"}}], \"cna\": {\"title\": \"Unbounded memory allocation for DoQ and DoH3\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"XavLimSG\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"repo\": \"https://github.com/PowerDNS/pdns\", \"vendor\": \"PowerDNS\", \"modules\": [\"Incoming DNS over QUIC\", \"Incoming DNS over HTTP/3\"], \"product\": \"DNSdist\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.9.0\", \"lessThan\": \"1.9.12\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"2.0.0\", \"lessThan\": \"2.0.3\", \"versionType\": \"semver\"}], \"packageName\": \"dnsdist\", \"programFiles\": [\"doq.cc\", \"doh3.cc\"], \"collectionURL\": \"https://repo.powerdns.com/\", \"defaultStatus\": \"unaffected\"}], 
\"datePublic\": \"2026-03-30T22:00:00.000Z\", \"references\": [{\"url\": \"https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-02.html\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.5.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"An attacker might be able to trick DNSdist into allocating too much memory while processing DNS over QUIC or DNS over HTTP/3 payloads, resulting in a denial of service. In setups with a large quantity of memory available this usually results in an exception and the QUIC connection is properly closed, but in some cases the system might enter an out-of-memory state instead and terminate the process.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eAn attacker might be able to trick DNSdist into allocating too much memory while processing DNS over QUIC or DNS over HTTP/3 payloads, resulting in a denial of service. In setups with a large quantity of memory available this usually results in an exception and the QUIC connection is properly closed, but in some cases the system might enter an out-of-memory state instead and terminate the process.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"description\": \"Uncontrolled Memory Allocation\"}]}], \"providerMetadata\": {\"orgId\": \"8ce71d90-2354-404b-a86e-bec2cc4e6981\", \"shortName\": \"OX\", \"dateUpdated\": \"2026-03-31T12:01:00.883Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-24030\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-03-31T13:14:57.345Z\", \"dateReserved\": \"2026-01-20T14:56:25.872Z\", \"assignerOrgId\": \"8ce71d90-2354-404b-a86e-bec2cc4e6981\", \"datePublished\": \"2026-03-31T12:01:00.883Z\", \"assignerShortName\": \"OX\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
FKIE_CVE-2026-24030
Vulnerability from fkie_nvd - Published: 2026-03-31 12:16 - Updated: 2026-04-14 16:15
Severity
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L (source: security@open-xchange.com, Secondary)
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (source: nvd@nist.gov, Primary)
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
An attacker might be able to trick DNSdist into allocating too much memory while processing DNS over QUIC or DNS over HTTP/3 payloads, resulting in a denial of service. In setups with a large quantity of memory available this usually results in an exception and the QUIC connection is properly closed, but in some cases the system might enter an out-of-memory state instead and terminate the process.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:powerdns:dnsdist:*:*:*:*:*:*:*:*",
"matchCriteriaId": "628B3B94-81DE-496E-B36A-B79A3DFFE1F4",
"versionEndExcluding": "1.9.12",
"versionStartIncluding": "1.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:powerdns:dnsdist:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC850DD-FDD8-4C48-B861-4BBAF423FF57",
"versionEndExcluding": "2.0.3",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An attacker might be able to trick DNSdist into allocating too much memory while processing DNS over QUIC or DNS over HTTP/3 payloads, resulting in a denial of service. In setups with a large quantity of memory available this usually results in an exception and the QUIC connection is properly closed, but in some cases the system might enter an out-of-memory state instead and terminate the process."
}
],
"id": "CVE-2026-24030",
"lastModified": "2026-04-14T16:15:28.823",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "security@open-xchange.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2026-03-31T12:16:27.770",
"references": [
{
"source": "security@open-xchange.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-02.html"
}
],
"sourceIdentifier": "security@open-xchange.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-789"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
GHSA-V2VV-6Q75-RVC9
Vulnerability from github – Published: 2026-03-31 12:31 – Updated: 2026-03-31 12:31
VLAI
Details
An attacker might be able to trick DNSdist into allocating too much memory while processing DNS over QUIC or DNS over HTTP/3 payloads, resulting in a denial of service. In setups with a large quantity of memory available this usually results in an exception and the QUIC connection is properly closed, but in some cases the system might enter an out-of-memory state instead and terminate the process.
Severity
5.3 (Medium)
{
"affected": [],
"aliases": [
"CVE-2026-24030"
],
"database_specific": {
"cwe_ids": [
"CWE-789"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-31T12:16:27Z",
"severity": "MODERATE"
},
"details": "An attacker might be able to trick DNSdist into allocating too much memory while processing DNS over QUIC or DNS over HTTP/3 payloads, resulting in a denial of service. In setups with a large quantity of memory available this usually results in an exception and the QUIC connection is properly closed, but in some cases the system might enter an out-of-memory state instead and terminate the process.",
"id": "GHSA-v2vv-6q75-rvc9",
"modified": "2026-03-31T12:31:35Z",
"published": "2026-03-31T12:31:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24030"
},
{
"type": "WEB",
"url": "https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-02.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
OPENSUSE-SU-2026:10473-1
Vulnerability from csaf_opensuse - Published: 2026-04-01 00:00 - Updated: 2026-04-01 00:00
Summary
dnsdist-2.0.3-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: dnsdist-2.0.3-1.1 on GA media
Description of the patch: These are all security issues fixed in the dnsdist-2.0.3-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2026-10473
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:dnsdist-2.0.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:dnsdist-2.0.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:dnsdist-2.0.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:dnsdist-2.0.3-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
5.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:dnsdist-2.0.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:dnsdist-2.0.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:dnsdist-2.0.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:dnsdist-2.0.3-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:dnsdist-2.0.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:dnsdist-2.0.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:dnsdist-2.0.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:dnsdist-2.0.3-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.8 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:dnsdist-2.0.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:dnsdist-2.0.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:dnsdist-2.0.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:dnsdist-2.0.3-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
14 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "dnsdist-2.0.3-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the dnsdist-2.0.3-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-10473",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10473-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-0396 page",
"url": "https://www.suse.com/security/cve/CVE-2026-0396/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-24028 page",
"url": "https://www.suse.com/security/cve/CVE-2026-24028/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-24030 page",
"url": "https://www.suse.com/security/cve/CVE-2026-24030/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27854 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27854/"
}
],
"title": "dnsdist-2.0.3-1.1 on GA media",
"tracking": {
"current_release_date": "2026-04-01T00:00:00Z",
"generator": {
"date": "2026-04-01T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:10473-1",
"initial_release_date": "2026-04-01T00:00:00Z",
"revision_history": [
{
"date": "2026-04-01T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "dnsdist-2.0.3-1.1.aarch64",
"product": {
"name": "dnsdist-2.0.3-1.1.aarch64",
"product_id": "dnsdist-2.0.3-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "dnsdist-2.0.3-1.1.ppc64le",
"product": {
"name": "dnsdist-2.0.3-1.1.ppc64le",
"product_id": "dnsdist-2.0.3-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "dnsdist-2.0.3-1.1.s390x",
"product": {
"name": "dnsdist-2.0.3-1.1.s390x",
"product_id": "dnsdist-2.0.3-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "dnsdist-2.0.3-1.1.x86_64",
"product": {
"name": "dnsdist-2.0.3-1.1.x86_64",
"product_id": "dnsdist-2.0.3-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsdist-2.0.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:dnsdist-2.0.3-1.1.aarch64"
},
"product_reference": "dnsdist-2.0.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsdist-2.0.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:dnsdist-2.0.3-1.1.ppc64le"
},
"product_reference": "dnsdist-2.0.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsdist-2.0.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:dnsdist-2.0.3-1.1.s390x"
},
"product_reference": "dnsdist-2.0.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsdist-2.0.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:dnsdist-2.0.3-1.1.x86_64"
},
"product_reference": "dnsdist-2.0.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-0396",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-0396"
}
],
"notes": [
{
"category": "general",
"text": "An attacker might be able to inject HTML content into the internal web dashboard by sending crafted DNS queries to a DNSdist instance where domain-based dynamic rules have been enabled via either DynBlockRulesGroup:setSuffixMatchRule or DynBlockRulesGroup:setSuffixMatchRuleFFI.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.aarch64",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.ppc64le",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.s390x",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-0396",
"url": "https://www.suse.com/security/cve/CVE-2026-0396"
},
{
"category": "external",
"summary": "SUSE Bug 1261236 for CVE-2026-0396",
"url": "https://bugzilla.suse.com/1261236"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.aarch64",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.ppc64le",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.s390x",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.aarch64",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.ppc64le",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.s390x",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-01T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2026-0396"
},
{
"cve": "CVE-2026-24028",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-24028"
}
],
"notes": [
{
"category": "general",
"text": "An attacker might be able to trigger an out-of-bounds read by sending a crafted DNS response packet, when custom Lua code uses newDNSPacketOverlay to parse DNS packets. The out-of-bounds read might trigger a crash, leading to a denial of service, or access unrelated memory, leading to potential information disclosure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.aarch64",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.ppc64le",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.s390x",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-24028",
"url": "https://www.suse.com/security/cve/CVE-2026-24028"
},
{
"category": "external",
"summary": "SUSE Bug 1261238 for CVE-2026-24028",
"url": "https://bugzilla.suse.com/1261238"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.aarch64",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.ppc64le",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.s390x",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.aarch64",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.ppc64le",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.s390x",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-01T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-24028"
},
{
"cve": "CVE-2026-24030",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-24030"
}
],
"notes": [
{
"category": "general",
"text": "An attacker might be able to trick DNSdist into allocating too much memory while processing DNS over QUIC or DNS over HTTP/3 payloads, resulting in a denial of service. In setups with a large quantity of memory available this usually results in an exception and the QUIC connection is properly closed, but in some cases the system might enter an out-of-memory state instead and terminate the process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.aarch64",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.ppc64le",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.s390x",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-24030",
"url": "https://www.suse.com/security/cve/CVE-2026-24030"
},
{
"category": "external",
"summary": "SUSE Bug 1261240 for CVE-2026-24030",
"url": "https://bugzilla.suse.com/1261240"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.aarch64",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.ppc64le",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.s390x",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.aarch64",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.ppc64le",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.s390x",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-01T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-24030"
},
{
"cve": "CVE-2026-27854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27854"
}
],
"notes": [
{
"category": "general",
"text": "An attacker might be able to trigger a use-after-free by sending crafted DNS queries to a DNSdist using the DNSQuestion:getEDNSOptions method in custom Lua code. In some cases DNSQuestion:getEDNSOptions might refer to a version of the DNS packet that has been modified, thus triggering a use-after-free and potentially a crash resulting in denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.aarch64",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.ppc64le",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.s390x",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27854",
"url": "https://www.suse.com/security/cve/CVE-2026-27854"
},
{
"category": "external",
"summary": "SUSE Bug 1261243 for CVE-2026-27854",
"url": "https://bugzilla.suse.com/1261243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.aarch64",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.ppc64le",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.s390x",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.aarch64",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.ppc64le",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.s390x",
"openSUSE Tumbleweed:dnsdist-2.0.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-01T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-27854"
}
]
}
SUSE-SU-2026:1618-1
Vulnerability from csaf_suse - Published: 2026-04-24 14:25 - Updated: 2026-04-24 14:25
Summary
Security update for dnsdist
Severity
Moderate
Notes
Title of the patch: Security update for dnsdist
Description of the patch: This update for dnsdist fixes the following issues:
Update to version 1.9.12.
- https://www.dnsdist.org/changelog.html#change-1.9.12
Security issues fixed:
- CVE-2026-0396: crafted DNS queries triggering domain-based dynamic rules can lead to HTML injection in the web
dashboard (bsc#1261236).
- CVE-2026-0397: misconfiguration of the CORS policy can lead to information disclosure (bsc#1261237).
- CVE-2026-24028: crafted DNS packet parsed by Lua code using `newDNSPacketOverlay` can lead to an out-of-bounds read
(bsc#1261238).
- CVE-2026-24029: disabled option on a DNS over HTTPS nghttp2 frontend allows clients to bypass ACLs and send DoH
queries (bsc#1261239).
- CVE-2026-24030: crafted DoQ and DoH3 queries can lead to unbounded memory allocation and DoS (bsc#1261240).
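- CVE-2026-27853: crafted DNS responses sent to a DNSdist using certain methods in custom Lua code (`changeName`) can
lead to an out-of-bounds write (bsc#1261243).
- CVE-2026-27854: crafted DNS queries sent to a DNSdist using the `DNSQuestion:getEDNSOptions` method in custom Lua
code can lead to a use-after-free (bsc#1261241).
Note: the per-CVE reference entries in the CSAF JSON below pair these two bug numbers the other way round (SUSE Bug 1261241 for CVE-2026-27853, SUSE Bug 1261243 for CVE-2026-27854); check both Bugzilla entries when tracking either fix.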
Patchnames: SUSE-2026-1618,SUSE-SLE-Module-Basesystem-15-SP7-2026-1618
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
5.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.8 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.8 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
32 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for dnsdist",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for dnsdist fixes the following issues:\n\nUpdate to version 1.9.12.\n\n- https://www.dnsdist.org/changelog.html#change-1.9.12\n\nSecurity issues fixed:\n\n- CVE-2026-0396: crafted DNS queries triggering domain-based dynamic rules can lead to HTML injection in the web\n dashboard (bsc#1261236).\n- CVE-2026-0397: misconfiguration of the CORS policy can lead to information disclosure (bsc#1261237).\n- CVE-2026-24028: crafted DNS packet parsed by Lua code using `newDNSPacketOverlay` can lead to an out-of-bounds read\n (bsc#1261238).\n- CVE-2026-24029: disabled option on a DNS over HTTPS nghttp2 frontend allows clients to bypass ACLs and send DoH\n queries (bsc#1261239).\n- CVE-2026-24030: crafted DoQ and DoH3 queries can lead to unbounded memory allocation and DoS (bsc#1261240).\n- CVE-2026-27853: crafted DNS responses sent to a DNSdist using certain methods in custom Lua code (`changeName`) can\n lead to an out-of-bounds write (bsc#1261243). \n- CVE-2026-27854: crafted DNS queries sent to a DNSdist using the `DNSQuestion:getEDNSOptions` method in custom Lua\n code can lead to a use-after-free (bsc#1261241).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-1618,SUSE-SLE-Module-Basesystem-15-SP7-2026-1618",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_1618-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:1618-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261618-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:1618-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-April/045968.html"
},
{
"category": "self",
"summary": "SUSE Bug 1261236",
"url": "https://bugzilla.suse.com/1261236"
},
{
"category": "self",
"summary": "SUSE Bug 1261237",
"url": "https://bugzilla.suse.com/1261237"
},
{
"category": "self",
"summary": "SUSE Bug 1261238",
"url": "https://bugzilla.suse.com/1261238"
},
{
"category": "self",
"summary": "SUSE Bug 1261239",
"url": "https://bugzilla.suse.com/1261239"
},
{
"category": "self",
"summary": "SUSE Bug 1261240",
"url": "https://bugzilla.suse.com/1261240"
},
{
"category": "self",
"summary": "SUSE Bug 1261241",
"url": "https://bugzilla.suse.com/1261241"
},
{
"category": "self",
"summary": "SUSE Bug 1261243",
"url": "https://bugzilla.suse.com/1261243"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-0396 page",
"url": "https://www.suse.com/security/cve/CVE-2026-0396/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-0397 page",
"url": "https://www.suse.com/security/cve/CVE-2026-0397/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-24028 page",
"url": "https://www.suse.com/security/cve/CVE-2026-24028/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-24029 page",
"url": "https://www.suse.com/security/cve/CVE-2026-24029/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-24030 page",
"url": "https://www.suse.com/security/cve/CVE-2026-24030/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27853 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27854 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27854/"
}
],
"title": "Security update for dnsdist",
"tracking": {
"current_release_date": "2026-04-24T14:25:54Z",
"generator": {
"date": "2026-04-24T14:25:54Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:1618-1",
"initial_release_date": "2026-04-24T14:25:54Z",
"revision_history": [
{
"date": "2026-04-24T14:25:54Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "dnsdist-1.9.12-150700.3.9.1.aarch64",
"product": {
"name": "dnsdist-1.9.12-150700.3.9.1.aarch64",
"product_id": "dnsdist-1.9.12-150700.3.9.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "dnsdist-1.9.12-150700.3.9.1.i586",
"product": {
"name": "dnsdist-1.9.12-150700.3.9.1.i586",
"product_id": "dnsdist-1.9.12-150700.3.9.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "dnsdist-1.9.12-150700.3.9.1.ppc64le",
"product": {
"name": "dnsdist-1.9.12-150700.3.9.1.ppc64le",
"product_id": "dnsdist-1.9.12-150700.3.9.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "dnsdist-1.9.12-150700.3.9.1.s390x",
"product": {
"name": "dnsdist-1.9.12-150700.3.9.1.s390x",
"product_id": "dnsdist-1.9.12-150700.3.9.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "dnsdist-1.9.12-150700.3.9.1.x86_64",
"product": {
"name": "dnsdist-1.9.12-150700.3.9.1.x86_64",
"product_id": "dnsdist-1.9.12-150700.3.9.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsdist-1.9.12-150700.3.9.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.aarch64"
},
"product_reference": "dnsdist-1.9.12-150700.3.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsdist-1.9.12-150700.3.9.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.ppc64le"
},
"product_reference": "dnsdist-1.9.12-150700.3.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsdist-1.9.12-150700.3.9.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.s390x"
},
"product_reference": "dnsdist-1.9.12-150700.3.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dnsdist-1.9.12-150700.3.9.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.x86_64"
},
"product_reference": "dnsdist-1.9.12-150700.3.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-0396",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-0396"
}
],
"notes": [
{
"category": "general",
"text": "An attacker might be able to inject HTML content into the internal web dashboard by sending crafted DNS queries to a DNSdist instance where domain-based dynamic rules have been enabled via either DynBlockRulesGroup:setSuffixMatchRule or DynBlockRulesGroup:setSuffixMatchRuleFFI.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-0396",
"url": "https://www.suse.com/security/cve/CVE-2026-0396"
},
{
"category": "external",
"summary": "SUSE Bug 1261236 for CVE-2026-0396",
"url": "https://bugzilla.suse.com/1261236"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-24T14:25:54Z",
"details": "low"
}
],
"title": "CVE-2026-0396"
},
{
"cve": "CVE-2026-0397",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-0397"
}
],
"notes": [
{
"category": "general",
"text": "When the internal webserver is enabled (default is disabled), an attacker might be able to trick an administrator logged to the dashboard into visiting a malicious website and extract information about the running configuration from the dashboard. The root cause of the issue is a misconfiguration of the Cross-Origin Resource Sharing (CORS) policy.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-0397",
"url": "https://www.suse.com/security/cve/CVE-2026-0397"
},
{
"category": "external",
"summary": "SUSE Bug 1261237 for CVE-2026-0397",
"url": "https://bugzilla.suse.com/1261237"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-24T14:25:54Z",
"details": "low"
}
],
"title": "CVE-2026-0397"
},
{
"cve": "CVE-2026-24028",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-24028"
}
],
"notes": [
{
"category": "general",
"text": "An attacker might be able to trigger an out-of-bounds read by sending a crafted DNS response packet, when custom Lua code uses newDNSPacketOverlay to parse DNS packets. The out-of-bounds read might trigger a crash, leading to a denial of service, or access unrelated memory, leading to potential information disclosure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-24028",
"url": "https://www.suse.com/security/cve/CVE-2026-24028"
},
{
"category": "external",
"summary": "SUSE Bug 1261238 for CVE-2026-24028",
"url": "https://bugzilla.suse.com/1261238"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-24T14:25:54Z",
"details": "moderate"
}
],
"title": "CVE-2026-24028"
},
{
"cve": "CVE-2026-24029",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-24029"
}
],
"notes": [
{
"category": "general",
"text": "When the early_acl_drop (earlyACLDrop in Lua) option is disabled (default is enabled) on a DNS over HTTPs frontend using the nghttp2 provider, the ACL check is skipped, allowing all clients to send DoH queries regardless of the configured ACL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-24029",
"url": "https://www.suse.com/security/cve/CVE-2026-24029"
},
{
"category": "external",
"summary": "SUSE Bug 1261239 for CVE-2026-24029",
"url": "https://bugzilla.suse.com/1261239"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-24T14:25:54Z",
"details": "moderate"
}
],
"title": "CVE-2026-24029"
},
{
"cve": "CVE-2026-24030",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-24030"
}
],
"notes": [
{
"category": "general",
"text": "An attacker might be able to trick DNSdist into allocating too much memory while processing DNS over QUIC or DNS over HTTP/3 payloads, resulting in a denial of service. In setups with a large quantity of memory available this usually results in an exception and the QUIC connection is properly closed, but in some cases the system might enter an out-of-memory state instead and terminate the process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-24030",
"url": "https://www.suse.com/security/cve/CVE-2026-24030"
},
{
"category": "external",
"summary": "SUSE Bug 1261240 for CVE-2026-24030",
"url": "https://bugzilla.suse.com/1261240"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-24T14:25:54Z",
"details": "moderate"
}
],
"title": "CVE-2026-24030"
},
{
"cve": "CVE-2026-27853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27853"
}
],
"notes": [
{
"category": "general",
"text": "An attacker might be able to trigger an out-of-bounds write by sending crafted DNS responses to a DNSdist using the DNSQuestion:changeName or DNSResponse:changeName methods in custom Lua code. In some cases the rewritten packet might become larger than the initial response and even exceed 65535 bytes, potentially leading to a crash resulting in denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27853",
"url": "https://www.suse.com/security/cve/CVE-2026-27853"
},
{
"category": "external",
"summary": "SUSE Bug 1261241 for CVE-2026-27853",
"url": "https://bugzilla.suse.com/1261241"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-24T14:25:54Z",
"details": "moderate"
}
],
"title": "CVE-2026-27853"
},
{
"cve": "CVE-2026-27854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27854"
}
],
"notes": [
{
"category": "general",
"text": "An attacker might be able to trigger a use-after-free by sending crafted DNS queries to a DNSdist using the DNSQuestion:getEDNSOptions method in custom Lua code. In some cases DNSQuestion:getEDNSOptions might refer to a version of the DNS packet that has been modified, thus triggering a use-after-free and potentially a crash resulting in denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27854",
"url": "https://www.suse.com/security/cve/CVE-2026-27854"
},
{
"category": "external",
"summary": "SUSE Bug 1261243 for CVE-2026-27854",
"url": "https://bugzilla.suse.com/1261243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dnsdist-1.9.12-150700.3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-24T14:25:54Z",
"details": "moderate"
}
],
"title": "CVE-2026-27854"
}
]
}
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.