CVE-2025-30193 – DNSdist TCP Stack Exhaustion Denial of Service Vulnerability

May 20, 2025

CVE ID : CVE-2025-30193

Published : May 20, 2025, 12:15 p.m. | 2 hours, 34 minutes ago

Description : In some circumstances, when DNSdist is configured to allow an unlimited number of queries on a single, incoming TCP connection from a client, an attacker can cause a denial of service by crafting a TCP exchange that triggers an exhaustion of the stack and a crash of DNSdist, causing a denial of service.

The remedy is: upgrade to the patched 1.9.10 version.

A workaround is to restrict the maximum number of queries on incoming TCP connections to a safe value, like 50, via the setMaxTCPQueriesPerConnection setting.

We would like to thank Renaud Allard for bringing this issue to our attention.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-41230 – VMware Cloud Foundation SSL/TLS Information Disclosure

Next Article CVE-2025-4364 – Apache HTTP Server Information Disclosure

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

GPT-5 should have a higher “degree of scientific certainty” than the current ChatGPT — but with less model switching

Elon Musk’s Grok 3 AI coming to Azure proves Satya Nadella’s allegiance isn’t to OpenAI, but to maximizing Microsoft’s profit gains by heeding consumer demands

One of the most promising open-world RPGs in years is releasing next week on Xbox and PC

NVIDIA’s latest driver fixes some big issues with DOOM: The Dark Ages

Community News: Latest PECL Releases (05.20.2025)

Community News: Latest PECL Releases (05.20.2025)

Getting Started with Personalization in Sitecore XM Cloud: Enable, Extend, and Execute

Universal Design and Global Accessibility Awareness Day (GAAD)

GPT-5 should have a higher “degree of scientific certainty” than the current ChatGPT — but with less model switching

GPT-5 should have a higher “degree of scientific certainty” than the current ChatGPT — but with less model switching

Elon Musk’s Grok 3 AI coming to Azure proves Satya Nadella’s allegiance isn’t to OpenAI, but to maximizing Microsoft’s profit gains by heeding consumer demands

One of the most promising open-world RPGs in years is releasing next week on Xbox and PC

CVE-2025-30193 – DNSdist TCP Stack Exhaustion Denial of Service Vulnerability

Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

CVE-2025-44898 – Fortinet Wireless Access Point Stack Overflow Vulnerability

This new mechanical keyboard for writers could be your productivity secret weapon

CVE-2025-3847 – Markparticle WebServer SQL Injection Vulnerability

New Guide: How to Scale Your vCISO Services Profitably

The Complex

Machine Learning Revolutionizes Path Loss Modeling with Simplified Features

The tasks college students are using Claude AI for most, according to Anthropic

CVE-2025-4532 – Shanghai Bairui Information Technology SunloginClient DLL Search Path Vulnerability (Uncontrolled Search Path)

⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [10 February]

CVE-2025-30193 – DNSdist TCP Stack Exhaustion Denial of Service Vulnerability

Related Posts