CVE-2026-27854: Use After Free in dnsdist

CWE-416: Use After Free (8 documents, 7 sources)

Severity: 4.8 MEDIUM (NVD)
EPSS: 0.0% (top 97.08%)
CISA KEV: Not in KEV
Exploit: No known exploits
Affected products: see Affected Packages below
Timeline: Published Mar 31 (2026)

Description

An attacker might be able to trigger a use-after-free by sending crafted DNS queries to a dnsdist instance whose custom Lua code calls the DNSQuestion:getEDNSOptions method. In some cases DNSQuestion:getEDNSOptions may refer to a version of the DNS packet that has since been modified, triggering a use-after-free and potentially a crash, i.e. a denial of service.
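The bug is only reachable when the operator's own Lua code calls DNSQuestion:getEDNSOptions, so the first triage question is "does my config use it, and is my build old?". The script below is an added example written for this page; it is not code from cvebase, Debian or the PowerDNS/dnsdist project. It greps the Lua config for the method name (ignoring "--" comments) and compares the running version against a fixed-version threshold. The threshold 2.0.3 is taken from the Debian entry on this page ("< 2.0.3-1"); the fixed release for the upstream 1.9.x line is not stated unambiguously here and is not encoded, so treat a 1.9.x "EXPOSED" verdict as "check the upstream advisory". The sample configs are constructed inline, and the `dnsdist --version` parsing in the comment assumes the first output line reads `dnsdist <version> ...`.

```shell
#!/bin/sh
# Added triage helper for CVE-2026-27854 (not from cvebase, Debian or PowerDNS).
# Checks the two conditions named in the description:
#   (1) custom Lua code in the dnsdist config calls DNSQuestion:getEDNSOptions, and
#   (2) the dnsdist build is older than a fixed package.
# ASSUMPTIONS: FIXED_VERSION comes from the Debian "< 2.0.3-1" entry on this page;
# the upstream 1.9.x fix level is not encoded. Config path and `dnsdist --version`
# output format ("dnsdist <version> ...") are assumed operator inputs.

FIXED_VERSION="2.0.3"   # Debian: package versions < 2.0.3-1 are affected

# True (exit 0) when the Lua config references getEDNSOptions outside "--" comments.
config_uses_getednsoptions() {
    sed 's/--.*$//' "$1" | grep -q 'getEDNSOptions'
}

# True (exit 0) when version $1 sorts strictly before version $2 (needs sort -V).
version_lt() {
    [ "$1" != "$2" ] &&
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# Verdict for a dnsdist version string and a config path:
#   EXPOSED          config uses the method and the build is below FIXED_VERSION
#   PATCHED-BUILD    config uses the method but the build is at/above FIXED_VERSION
#   METHOD-NOT-USED  config never calls the method, so the bug is not reachable
assess() {
    ver="$1"; conf="$2"
    if config_uses_getednsoptions "$conf"; then
        if version_lt "$ver" "$FIXED_VERSION"; then echo "EXPOSED"; else echo "PATCHED-BUILD"; fi
    else
        echo "METHOD-NOT-USED"
    fi
}

# Constructed sample configs (not real deployments) so the script runs offline.
VULN_CONF=$(mktemp); CLEAN_CONF=$(mktemp)
trap 'rm -f "$VULN_CONF" "$CLEAN_CONF"' EXIT
cat > "$VULN_CONF" <<'EOF'
-- constructed sample: Lua action that inspects the EDNS options of every query
addAction(AllRule(), LuaAction(function(dq)
  local opts = dq:getEDNSOptions()
  if opts[10] then return DNSAction.Drop end   -- option code 10 = COOKIE (RFC 7873)
  return DNSAction.None
end))
EOF
cat > "$CLEAN_CONF" <<'EOF'
-- constructed sample: the method name appears only in a comment
-- (getEDNSOptions is not called anywhere in this file)
newServer({address = "192.0.2.53"})
EOF

# Typical invocation on a host (assumes `dnsdist --version` starts "dnsdist <version>"):
#   assess "$(dnsdist --version 2>/dev/null | awk 'NR==1 {print $2}')" /etc/dnsdist/dnsdist.conf
echo "1.9.11 + vulnerable config: $(assess 1.9.11 "$VULN_CONF")"
echo "2.0.3  + vulnerable config: $(assess 2.0.3 "$VULN_CONF")"
echo "1.9.11 + clean config:      $(assess 1.9.11 "$CLEAN_CONF")"
```

The comment stripping matters: a commented-out `dq:getEDNSOptions()` left behind from debugging would otherwise produce a false positive. Conversely, the grep is deliberately broad; any live call to the method, wherever it sits relative to packet-modifying actions, is worth reviewing until the build is patched.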

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L (Exploitability: 2.2 | Impact: 2.5)

Decoded: network-reachable, high attack complexity, no privileges or user interaction required, unchanged scope; low confidentiality and availability impact, no integrity impact. The high attack complexity reflects that the target must be running custom Lua that calls DNSQuestion:getEDNSOptions.

Affected Packages (2 packages)

CVEListV5: powerdns/dnsdist, 1.9.0 to 1.9.12 (+1 further range not shown)
Debian: powerdns/dnsdist < 2.0.3-1

🔴Vulnerability Details (3)

CVEList: Use after free when parsing EDNS options in Lua (2026-03-31)
OSV: CVE-2026-27854: An attacker might be able to trigger a use-after-free by sending crafted DNS queries to a DNSdist using the DNSQuestion:getEDNSOptions method in custo... (2026-03-31)
GHSA: GHSA-fmwh-v9r8-w9j6: An attacker might be able to trigger a use-after-free by sending crafted DNS queries to a DNSdist using the DNSQuestion:getEDNSOptions method in custo... (2026-03-31)

📋Vendor Advisories (1)

Debian: CVE-2026-27854: dnsdist - An attacker might be able to trigger a use-after-free by sending crafted DNS que... (2026)

🕵️Threat Intelligence (1)

Wiz: CVE-2026-27854 Impact, Exploitability, and Mitigation Steps | Wiz

💬Community (2)

Bugzilla: CVE-2026-27854 dnsdist: DNSdist: Denial of Service due to use-after-free vulnerability in Lua [fedora-all] (2026-03-31)
Bugzilla: CVE-2026-27854 dnsdist: DNSdist: Denial of Service due to use-after-free vulnerability in Lua [epel-all] (2026-03-31)

Source page: cvebase, "CVE-2026-27854: Use After Free in PowerDNS dnsdist"