CVE-2024-8418

A flaw was found in Aardvark-dns, which is vulnerable to a Denial of Service attack due to the serial processing of TCP DNS queries. An attacker can exploit this flaw by keeping a TCP connection open indefinitely, causing the server to become unresponsive and resulting in other DNS queries timing out. This issue prevents legitimate users from accessing DNS services, thereby disrupting normal operations and causing service downtime.

CVSS v3.0 7.5 HIGH

7.5^/10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://access.redhat.com/errata/RHSA-2025:7094
https://access.redhat.com/security/cve/CVE-2024-8418	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2309683	Issue Tracking
https://github.com/containers/aardvark-dns/issues/500	Exploit Issue Tracking
https://github.com/containers/aardvark-dns/pull/503	Issue Tracking

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:containers:aardvark-dns:1.12.1:::::::*
	cpe:2.3:a:containers:aardvark-dns:1.12.0:::::::*

History

13 May 2025, 15:15

Type	Values Removed	Values Added
References		() https://access.redhat.com/errata/RHSA-2025:7094 -

17 Sep 2024, 20:15

Type	Values Removed	Values Added
Summary	A flaw was found in Aardvark-dns versions 1.12.0 and 1.12.1. They contain a denial of service vulnerability due to serial processing of TCP DNS queries. This flaw allows a malicious client to keep a TCP connection open indefinitely, causing other DNS queries to time out and resulting in a denial of service for all other containers using aardvark-dns.	A flaw was found in Aardvark-dns, which is vulnerable to a Denial of Service attack due to the serial processing of TCP DNS queries. An attacker can exploit this flaw by keeping a TCP connection open indefinitely, causing the server to become unresponsive and resulting in other DNS queries timing out. This issue prevents legitimate users from accessing DNS services, thereby disrupting normal operations and causing service downtime.

05 Sep 2024, 14:18

Type	Values Removed	Values Added
CWE	~~CWE-400~~	NVD-CWE-noinfo
References	~~() https://access.redhat.com/security/cve/CVE-2024-8418 -~~	() https://access.redhat.com/security/cve/CVE-2024-8418 - Third Party Advisory
References	~~() https://github.com/containers/aardvark-dns/pull/503 -~~	() https://github.com/containers/aardvark-dns/pull/503 - Issue Tracking
References	~~() https://github.com/containers/aardvark-dns/issues/500 -~~	() https://github.com/containers/aardvark-dns/issues/500 - Exploit, Issue Tracking
References	~~() https://bugzilla.redhat.com/show_bug.cgi?id=2309683 -~~	() https://bugzilla.redhat.com/show_bug.cgi?id=2309683 - Issue Tracking
First Time		Containers aardvark-dns Containers
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.5
CPE		cpe:2.3:a:containers:aardvark-dns:1.12.0:::::::* cpe:2.3:a:containers:aardvark-dns:1.12.1:::::::*

04 Sep 2024, 15:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-09-04 15:15

Updated : 2025-05-13 15:15

NVD link : CVE-2024-8418

Mitre link : CVE-2024-8418

JSON object : View

Products Affected

containers

aardvark-dns

CWE

NVD-CWE-noinfo

7.5 /10