CVE-2026-27853: Out-of-bounds Write in Dnsdist

Severity: 5.9 MEDIUM (NVD)
EPSS: 0.0% (top 93.09%)
CISA KEV: Not in KEV
Exploit: No known exploits
Affected products
Timeline
Published: Mar 31

Description

An attacker might be able to trigger an out-of-bounds write by sending crafted DNS responses to a DNSdist using the DNSQuestion:changeName or DNSResponse:changeName methods in custom Lua code. In some cases the rewritten packet might become larger than the initial response and even exceed 65535 bytes, potentially leading to a crash resulting in denial of service.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 2.2 | Impact: 3.6

Affected Packages (2 packages)

CVEListV5 powerdns/dnsdist 1.9.0 1.9.12 +1
Debian powerdns/dnsdist < 2.0.3-1

🔴 Vulnerability Details (3)

OSV
CVE-2026-27853: An attacker might be able to trigger an out-of-bounds write by sending crafted DNS responses to a DNSdist using the DNSQuestion:changeName or DNSRespo (2026-03-31)
CVEList
Out-of-bounds write when rewriting large DNS packets (2026-03-31)
GHSA
GHSA-w68q-j3pw-29rg: An attacker might be able to trigger an out-of-bounds write by sending crafted DNS responses to a DNSdist using the DNSQuestion:changeName or DNSRespo (2026-03-31)

📋 Vendor Advisories (1)

Debian
CVE-2026-27853: dnsdist - An attacker might be able to trigger an out-of-bounds write by sending crafted D... (2026)

🕵️ Threat Intelligence (1)

Wiz
CVE-2026-27853 Impact, Exploitability, and Mitigation Steps | Wiz

💬 Community (2)

Bugzilla
CVE-2026-27853 dnsdist: dnsdist: Denial of Service via crafted DNS responses [fedora-all] (2026-03-31)
Bugzilla
CVE-2026-27853 dnsdist: dnsdist: Denial of Service via crafted DNS responses [epel-all] (2026-03-31)