Changes between OpenSSL 1.x and OpenSSL 3.0 expose a flaw in named that causes a small memory leak in key processing when using TKEY records in Diffie-Hellman mode with OpenSSL 3.0.0 and later versions. An attacker can leverage this flaw to gradually erode available memory to the point where named crashes for lack of resources. Upon restart the attacker would have to begin again, but nevertheless there is the potential to deny service.
Created bind tracking bugs for this issue: Affects: fedora-all [bug 2128699] Created dhcp tracking bugs for this issue: Affects: fedora-all [bug 2128700]