CGA-h953-7c3p-j8vq

Published

Last updated

https://images.chainguard.dev/security/CGA-h953-7c3p-j8vq

Package

eks-distro-fips-1.28

Repository

Chainguard

Latest Update

Pending upstream fix

Aliases

CVE-2023-28452
GHSA-hfmw-7g3m-gj6q

Severity

Unknown

Summary

CoreDNS vulnerable to TuDoor Attacks

Description

An issue was discovered in CoreDNS through 1.10.1. There is a vulnerability in DNS resolving software, which triggers a resolver to ignore valid responses, thus causing denial of service for normal resolution. In an exploit, the attacker could just forge a response targeting the source port of a vulnerable resolver without the need to guess the correct TXID.

References

https://nvd.nist.gov/vuln/detail/CVE-2023-28452
https://github.com/advisories/GHSA-hfmw-7g3m-gj6q
https://github.com/coredns/coredns/commit/604a902e2c7e0317aecaa3666124079c75a31573
https://coredns.io
https://gist.github.com/idealeer/e41c7fb3b661d4262d0b6f21e12168ba
https://github.com/coredns/coredns

Updates

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

CGA-h953-7c3p-j8vq

Severity

Summary

Description

References

Updates

Products

Why Chainguard

Customers

Company

Resources