Fedora 43 dnsdist Critical DoS Fixes CVE-2026-27854 2026-6cae4711b3

fedora

April 10, 2026

Update to latest upstream

Summary

dnsdist is a highly DNS-, DoS- and abuse-aware loadbalancer. Its goal in life

is to route traffic to the best server, delivering top performance to

legitimate users while shunting or blocking abusive traffic.

Update Information:

Update to latest upstream

Topics Covered

security advisory fedora update DoS information disclosure dnsdist

Change Log

* Wed Apr 1 2026 Sander Hoentjen - 2.0.3-1 - Update to new upstream - Fixes #2453419 (CVE-2026-27854) - Fixes #2453421 (CVE-2026-27853) - Fixes #2453426 (CVE-2026-24030) - Fixes #2453427 (CVE-2026-0397) - Fixes #2453429 (CVE-2026-24029) - Fixes #2453430 (CVE-2026-0396) - Fixes #2453431 (CVE-2026-24028) * Fri Jan 16 2026 Fedora Release Engineering - 2.0.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Fri Jan 16 2026 Fedora Release Engineering - 2.0.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild

References

[ 1 ] Bug #2419176 - dnsdist-2.0.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2419176 [ 2 ] Bug #2453419 - CVE-2026-27854 dnsdist: DNSdist: Denial of Service due to use-after-free vulnerability in Lua [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2453419 [ 3 ] Bug #2453421 - CVE-2026-27853 dnsdist: dnsdist: Denial of Service via crafted DNS responses [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2453421 [ 4 ] Bug #2453426 - CVE-2026-24030 dnsdist: DNSdist: Denial of Service via excessive memory allocation from DNS over QUIC or HTTP/3 payloads [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2453426 [ 5 ] Bug #2453427 - CVE-2026-0397 dnsdist: dnsdist and PowerDNS: Information Disclosure via Cross-Origin Resource Sharing (CORS) Misconfiguration [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2453427 [ 6 ] Bug #2453429 - CVE-2026-24029 dnsdist: dnsdist: Access Control List...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-6cae4711b3' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity

critical

Lowest

Low

Medium

High

Critical

Name: dnsdist

Product: Fedora 43

Version: 2.0.3

Release: 1.fc43

URL: https://dnsdist.org

Summary: Highly DNS-, DoS- and abuse-aware loadbalancer

Topics Covered

security advisory fedora update DoS information disclosure dnsdist

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Fedora 43 dnsdist Critical DoS Fixes CVE-2026-27854 2026-6cae4711b3

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Fedora 43 dnsdist Critical DoS Fixes CVE-2026-27854 2026-6cae4711b3

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!