Test ID:	1.3.6.1.4.1.25623.1.0.114414
Category:	Denial of Service
Title:	Unbound DNS Resolver 1.18.0 - 1.19.1 DoS Vulnerability
Summary:	Unbound DNS Resolver is prone to a denial of service (DoS); vulnerability.
Description:	Summary: Unbound DNS Resolver is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: Recent versions of Unbound contain a vulnerability that can cause denial of service by a certain code path that can lead to an infinite loop. This issue can only be triggered if the non-default option 'ede: yes' is used, Unbound would reply with attached EDE information on a positive reply, and the client's buffer size is relatively smaller than the needed space to include EDE records. Affected Software/OS: Unbound DNS Resolver versions 1.18.0 through 1.19.1. Solution: Update to version 1.19.2 or later. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2024-1931 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B2JUIFPA7H75Q2W3VXW2TUNHK6NVGOX4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBR4H7RCVMJ6H76S4LLRSY5EBFTYWGXK/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4VCBRQ7KMSIGBQ6A4SBL5PF326DIJIIV/ https://www.nlnetlabs.nl/downloads/unbound/CVE-2024-1931.txt
Copyright	Copyright (C) 2024 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.