An issue was discovered in setTA in scan_rr.go in the Miek Gieben DNS library before 1.0.10 for Go. A dns.ParseZone() parsing error causes a segmentation violation, leading to denial of service. https://github.com/miekg/dns/issues/742
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.13 Via RHSA-2023:3304 https://access.redhat.com/errata/RHSA-2023:3304
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Via RHSA-2023:3287 https://access.redhat.com/errata/RHSA-2023:3287
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.11 Via RHSA-2023:3309 https://access.redhat.com/errata/RHSA-2023:3309
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2018-17419
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.10 Via RHSA-2023:3363 https://access.redhat.com/errata/RHSA-2023:3363
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2023:5006 https://access.redhat.com/errata/RHSA-2023:5006