An issue has been found in the dnsreplay tool provided with PowerDNS Authoritative, where replaying a specially crafted PCAP file can trigger a stack-based buffer overflow, leading to a crash and potentially arbitrary code execution. This buffer overflow only occurs when the –ecs-stamp option of dnsreplay is used. Affects: dnsreplay from 4.0.0 up to and including 4.1.1 Upstream patch: https://github.com/PowerDNS/pdns/commit/f9c57c98da1b1007a51680629b667d57d9b702b8 Reference: https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2018-02.html
Created pdns tracking bugs for this issue: Affects: fedora-all [bug 1579272]