A vulnerability was found in PowerDNS Authoritative Server (from 3.3.0 up to and including 4.1.3) and PowerDNS Recursor (from 3.2 up to and including 4.1.3). The issue is a memory leak occurring while parsing some malformed records, due to the fact that some memory is allocated while parsing a record and is not always properly released if the record is not valid.
In the authoritative server, it allows an authorized user to cause a denial of service by inserting specially crafted records in a zone under their control, then sending DNS queries for that zone.
In the recursor, it allows a malicious auth server to cause a denial of service by sending specially crafted records in response to a legitimate query by an authorized user.
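The leak pattern described above, shown on a constructed toy parser (an added example, not PowerDNS code; the record layout and the names `Record`, `fill`, `parse_leaky`, `parse_safe` and `leaked_after` are hypothetical). An object is allocated before the record is validated and the error path skips its release; the second parser holds the same object through scoped ownership so every exit path frees it.

```cpp
#include <cstdint>
#include <memory>
#include <stdexcept>
#include <vector>

// Constructed toy record: [1-byte declared length][payload]. Not the DNS wire format.
static int g_live = 0;  // Record objects currently allocated

struct Record {
    std::vector<uint8_t> payload;
    Record() { ++g_live; }
    ~Record() { --g_live; }
};

// Throws when the declared length runs past the end of the buffer.
static void fill(Record& r, const std::vector<uint8_t>& wire) {
    if (wire.empty() || wire.size() < 1u + wire[0])
        throw std::runtime_error("malformed record");
    r.payload.assign(wire.begin() + 1, wire.begin() + 1 + wire[0]);
}

// Leaky pattern: allocation happens before validation, and the exception
// raised for an invalid record skips the only delete.
bool parse_leaky(const std::vector<uint8_t>& wire) {
    try {
        Record* r = new Record();
        fill(*r, wire);   // throws on malformed input
        delete r;         // never reached on the error path
        return true;
    } catch (const std::runtime_error&) { return false; }  // r is lost here
}

// Fixed pattern: unique_ptr owns the object and releases it on every exit path.
bool parse_safe(const std::vector<uint8_t>& wire) {
    try {
        std::unique_ptr<Record> r(new Record());
        fill(*r, wire);
        return true;
    } catch (const std::runtime_error&) { return false; }
}

// Feed n malformed records and report how many Record objects stay allocated.
int leaked_after(bool (*parse)(const std::vector<uint8_t>&), int n) {
    const std::vector<uint8_t> bad = {0x10, 0x41, 0x42};  // claims 16 bytes, carries 2
    int before = g_live;
    for (int i = 0; i < n; ++i) parse(bad);
    return g_live - before;
}
```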
Created pdns tracking bugs for this issue:
Affects: epel-all [bug 1649032]
Affects: fedora-all [bug 1649031]
Created pdns-recursor tracking bugs for this issue:
Affects: epel-all [bug 1649043]
Affects: fedora-all [bug 1649042]