Input validation error in CoreDNS

#VU93499 Input validation error in CoreDNS

Published: 2024-06-28

Vulnerability identifier: #VU93499

Vulnerability risk: Low

CVSSv3.1: 3.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-0874

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
CoreDNS
Server applications / DNS servers

Vendor: CoreDNS

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to incorrect implementation of cashing. A remote attacker can force the DNS server to return invalid cache entries and perform spoofing attack.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

CoreDNS: 1.0.0 - 1.11.1

External links
http://access.redhat.com/security/cve/CVE-2024-0874
http://bugzilla.redhat.com/show_bug.cgi?id=2219234
http://github.com/coredns/coredns/issues/6186
http://github.com/coredns/coredns/pull/6354
http://access.redhat.com/errata/RHSA-2024:0041

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Red Hat OpenShift Container Platform 4.16

Spoofing attack in CoreDNS