CVE-2022-37428

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-37428
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-37428.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-37428
Downstream
Related
Published
2022-08-23T17:15:15.170Z
Modified
2026-03-20T12:13:03.629194Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

PowerDNS Recursor up to and including 4.5.9, 4.6.2 and 4.7.1, when protobuf logging is enabled, has Improper Cleanup upon a Thrown Exception, leading to a denial of service (daemon crash) via a DNS query that leads to an answer with specific properties.

References

Affected packages

Git / github.com/powerdns/pdns

Affected ranges

Type
GIT
Repo
https://github.com/powerdns/pdns
Events
Introduced
8acf42e9ad4c339b7636693ed2d22e305a2e2335
Fixed
87735c1c89bc36570210ff470d3e47ae8a17697a
Introduced
267458e54fe9446084c4f0ecf980b5c307d84c56
Fixed
9067ba9431f2533dca50d07d6e7d245bfce97960
Introduced
677a4e8ea8f791d27d2a75c1f3e6486dff11e22f
Fixed
2bf98efd6d8026efcfc6b99ccd09703dcc5fe636
Database specific 
{
    "versions": [
        {
            "introduced": "4.5.0"
        },
        {
            "fixed": "4.5.10"
        },
        {
            "introduced": "4.6.0"
        },
        {
            "fixed": "4.6.3"
        },
        {
            "introduced": "4.7.0"
        },
        {
            "fixed": "4.7.2"
        }
    ]
}

Affected versions

rec-4.*
rec-4.5.0
rec-4.5.1
rec-4.5.2
rec-4.5.3
rec-4.5.4
rec-4.5.5
rec-4.5.6
rec-4.5.7
rec-4.5.8
rec-4.5.9
rec-4.6.0
rec-4.6.1
rec-4.6.2
rec-4.7.0
rec-4.7.1

Database specific

unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "36"
            }
        ]
    }
]
source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-37428.json"