SUSE-SU-2025:01745-1

Опубликовано: 29 мая 2025

Источник: suse-cvrf

Описание

Security update for dnsdist

This update for dnsdist fixes the following issues:

CVE-2025-30193: stack exhaustion when processing too many queries on incoming TCP connections leads to a denial-of-service (bsc#1243378).

Список пакетов

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS

dnsdist-1.8.0-150400.9.6.1

SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS

dnsdist-1.8.0-150400.9.6.1

SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS

dnsdist-1.8.0-150400.9.6.1

SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS

dnsdist-1.8.0-150400.9.6.1

SUSE Linux Enterprise Module for Basesystem 15 SP6

dnsdist-1.8.0-150400.9.6.1

SUSE Linux Enterprise Server 15 SP4-LTSS

dnsdist-1.8.0-150400.9.6.1

SUSE Linux Enterprise Server 15 SP5-LTSS

dnsdist-1.8.0-150400.9.6.1

SUSE Linux Enterprise Server for SAP Applications 15 SP4

dnsdist-1.8.0-150400.9.6.1

SUSE Linux Enterprise Server for SAP Applications 15 SP5

dnsdist-1.8.0-150400.9.6.1

SUSE Manager Proxy 4.3

dnsdist-1.8.0-150400.9.6.1

SUSE Manager Server 4.3

dnsdist-1.8.0-150400.9.6.1

openSUSE Leap 15.6

dnsdist-1.8.0-150400.9.6.1

Ссылки

https://www.suse.com/support/update/announcement/2025/suse-su-202501745-1/
Link for SUSE-SU-2025:01745-1
https://lists.suse.com/pipermail/sle-updates/2025-May/039421.html
E-Mail link for SUSE-SU-2025:01745-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1243378
SUSE Bug 1243378
https://www.suse.com/security/cve/CVE-2025-30193/
SUSE CVE CVE-2025-30193 page

Описание

In some circumstances, when DNSdist is configured to allow an unlimited number of queries on a single, incoming TCP connection from a client, an attacker can cause a denial of service by crafting a TCP exchange that triggers an exhaustion of the stack and a crash of DNSdist, causing a denial of service. The remedy is: upgrade to the patched 1.9.10 version. A workaround is to restrict the maximum number of queries on incoming TCP connections to a safe value, like 50, via the setMaxTCPQueriesPerConnection setting. We would like to thank Renaud Allard for bringing this issue to our attention.

Затронутые продукты

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:dnsdist-1.8.0-150400.9.6.1

SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:dnsdist-1.8.0-150400.9.6.1

SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dnsdist-1.8.0-150400.9.6.1

SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dnsdist-1.8.0-150400.9.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2025-30193.html
CVE-2025-30193
https://bugzilla.suse.com/1243378
SUSE Bug 1243378

SUSE-SU-2025:01745-1

Описание

Список пакетов

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS

SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS

SUSE Linux Enterprise Module for Basesystem 15 SP6

SUSE Linux Enterprise Server 15 SP4-LTSS

SUSE Linux Enterprise Server 15 SP5-LTSS

SUSE Linux Enterprise Server for SAP Applications 15 SP4

SUSE Linux Enterprise Server for SAP Applications 15 SP5

SUSE Manager Proxy 4.3

SUSE Manager Server 4.3

openSUSE Leap 15.6

Ссылки

Уязвимость: CVE-2025-30193

Описание

Затронутые продукты

Ссылки