CVE-2024-8418
Published: Sep 4, 2024
Modified: Nov 20, 2025
CVSS v3.1
7.5
Description
A flaw was found in Aardvark-dns, which is vulnerable to a Denial of Service attack due to the serial processing of TCP DNS queries. An attacker can exploit this flaw by keeping a TCP connection open indefinitely, causing the server to become unresponsive and resulting in other DNS queries timing out. This issue prevents legitimate users from accessing DNS services, thereby disrupting normal operations and causing service downtime.
| Vendor | Product | Versions |
|---|---|---|
Unknown | containers/aardvark-dns | affected 1.12.0affected 1.12.1 |
Red Hat | Red Hat Enterprise Linux 9 | unaffected 2:1.14.0-1.el9 - < * |
Red Hat | Red Hat Enterprise Linux 10 | All versions |
Red Hat | Red Hat Enterprise Linux 8 | All versions |
Red Hat | Red Hat Enterprise Linux 8 | All versions |
Red Hat | Red Hat Enterprise Linux 9 | All versions |
Red Hat | Red Hat OpenShift Container Platform 4 | All versions |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now