CVE-2023-50868

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-50868

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-50868.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-50868

Downstream

ALPINE-CVE-2023-50868

BELL-CVE-2023-50868

DEBIAN-CVE-2023-50868

DLA-3736-1

DLA-3816-1

DLA-3859-1

DLA-3974-1

DSA-5620-1

DSA-5621-1

DSA-5626-1

DSA-5633-1

OESA-2024-1210

OESA-2024-1489

OESA-2024-2014

OESA-2024-2015

OESA-2025-2609

RHSA-2024:0965

RHSA-2024:0977

RHSA-2024:0981

RHSA-2024:0982

RHSA-2024:11003

RHSA-2024:1334

RHSA-2024:1335

RHSA-2024:1522

RHSA-2024:1543

RHSA-2024:1544

RHSA-2024:1545

RHSA-2024:1647

RHSA-2024:1648

RHSA-2024:1781

RHSA-2024:1782

RHSA-2024:1789

RHSA-2024:1800

RHSA-2024:1801

RHSA-2024:1803

RHSA-2024:1804

RHSA-2024:2551

RHSA-2024:2587

RHSA-2024:2696

RHSA-2024:2720

RHSA-2024:2721

RHSA-2024:2821

RHSA-2024:2890

RHSA-2024:3271

RHSA-2024:3741

RHSA-2024:3877

RHSA-2024:3929

RHSA-2025:0039

SUSE-SU-2024:0574-1

SUSE-SU-2024:0590-1

SUSE-SU-2024:1894-1

SUSE-SU-2024:1923-1

SUSE-SU-2024:1982-1

SUSE-SU-2024:1991-1

SUSE-SU-2024:1991-2

SUSE-SU-2024:2033-1

SUSE-SU-2025:0071-1

SUSE-SU-2025:0130-1

UBUNTU-CVE-2023-50868

USN-6633-1

USN-6642-1

USN-6657-1

USN-6657-2

USN-6665-1

USN-6723-1

openSUSE-SU-2024:0048-1

openSUSE-SU-2024:13687-1

openSUSE-SU-2024:13742-1

Related

Published

2024-02-14T16:15:45Z

Modified

2025-08-09T20:01:27Z

Summary

[none]

Details

The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random subdomain attack, aka the "NSEC3" issue. The RFC 5155 specification implies that an algorithm must perform thousands of iterations of a hash function in certain situations.

References

Affected packages