CVE-2025-30195 HIGH

CVE-2025-30195: A crafted zone can lead to an illegal memory access in the PowerDNS Recursor

Vendor Powerdns
Product Recursor
Weakness CWE-476
Published April 7, 2025
Last update April 7, 2025

CVSS base score

7.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

An attacker can publish a zone containing specific Resource Record Sets. Processing and caching results for these sets can lead to an illegal memory accesses and crash of the Recursor, causing a denial of service. The remedy is: upgrade to the patched 5.2.1 version. We would like to thank Volodymyr Ilyin for bringing this issue to our attention.

Key dates

02Disclosure timeline

April 7, 2025 CVE published
April 7, 2025 Record updated