A vulnerability was discovered in DNS resolver of knot resolver before version 4.1.0 which allows remote attacker to downgrade DNSSEC-secure domains to DNSSEC-insecure state, opening possibility of domain hijack using attacks against insecure DNS protocol.
Acknowledgments: Name: Petr Špaček (CZ.NIC) Upstream: Vladimír Čunát (CZ.NIC)
Created knot-resolver tracking bugs for this issue: Affects: epel-7 [bug 1729827] Affects: fedora-all [bug 1729826]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.