CVE-2025-30193 – DNSdist TCP Stack Exhaustion Denial of Service Vulnerability

May 20, 2025

CVE ID : CVE-2025-30193

Published : May 20, 2025, 12:15 p.m. | 2 hours, 34 minutes ago

Description : In some circumstances, when DNSdist is configured to allow an unlimited number of queries on a single, incoming TCP connection from a client, an attacker can cause a denial of service by crafting a TCP exchange that triggers an exhaustion of the stack and a crash of DNSdist, causing a denial of service.

The remedy is: upgrade to the patched 1.9.10 version.

A workaround is to restrict the maximum number of queries on incoming TCP connections to a safe value, like 50, via the setMaxTCPQueriesPerConnection setting.

We would like to thank Renaud Allard for bringing this issue to our attention.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-41230 – VMware Cloud Foundation SSL/TLS Information Disclosure

Next Article CVE-2025-4364 – Apache HTTP Server Information Disclosure

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

GPT-5 should have a higher “degree of scientific certainty” than the current ChatGPT — but with less model switching

Elon Musk’s Grok 3 AI coming to Azure proves Satya Nadella’s allegiance isn’t to OpenAI, but to maximizing Microsoft’s profit gains by heeding consumer demands

One of the most promising open-world RPGs in years is releasing next week on Xbox and PC

NVIDIA’s latest driver fixes some big issues with DOOM: The Dark Ages

Community News: Latest PECL Releases (05.20.2025)

Community News: Latest PECL Releases (05.20.2025)

Getting Started with Personalization in Sitecore XM Cloud: Enable, Extend, and Execute

Universal Design and Global Accessibility Awareness Day (GAAD)

GPT-5 should have a higher “degree of scientific certainty” than the current ChatGPT — but with less model switching

GPT-5 should have a higher “degree of scientific certainty” than the current ChatGPT — but with less model switching

Elon Musk’s Grok 3 AI coming to Azure proves Satya Nadella’s allegiance isn’t to OpenAI, but to maximizing Microsoft’s profit gains by heeding consumer demands

One of the most promising open-world RPGs in years is releasing next week on Xbox and PC

CVE-2025-30193 – DNSdist TCP Stack Exhaustion Denial of Service Vulnerability

Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

CVE-2025-4996 – Intelbras RF 301K Cross-Site Scripting Vulnerability

Is it possible to use Microsoft UIA to automate sites designed in Angular?

Google AI Releases Gemini 2.0 Flash Thinking model (gemini-2.0-flash-thinking-exp-01-21): Scoring 73.3% on AIME (Math) and 74.2% on GPQA Diamond (Science) Benchmarks

Generalizable Reward Model (GRM): An Efficient AI Approach to Improve the Generalizability and Robustness of Reward Learning for LLMs

Post-Launch Analysis: Improving Your Website and App

A new Steam Deck competitor with features we’ve never seen in a gaming handheld might be the device we’ve been waiting for

TC39: No to records and tuples, yes to enums

Google Warns of Rising Cloaking Scams, AI-Driven Fraud, and Crypto Schemes

sic offers image processing and conversion

CVE-2025-30193 – DNSdist TCP Stack Exhaustion Denial of Service Vulnerability

Related Posts