Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Fedora 43 nsd Critical Heap Overflow DoS Fix 2026-2843bb1cc8

fedora
Calendar Grey July 4, 2026
Dist Fedora Esm H88
Discover critical fixes for nsd in Fedora 43 addressing heap overflow and DoS issues. Stay secure with the latest updates.
Fix for CVE-2026-12244: A specially crafted SVCB RR can cause a heap overflow of up to 65509 attacker controlled bytes

Summary

NSD is a complete implementation of an authoritative DNS name server.

For further information about what NSD is and what NSD is not please

consult the REQUIREMENTS document which is a part of this distribution.

Update Information:

Fix for CVE-2026-12244: A specially crafted SVCB RR can cause a heap overflow of up to 65509 attacker controlled bytes. Thanks to Qifan Zhang, Palo Alto Networks for the report https://www.nlnetlabs.nl/downloads/nsd/CVE-2026-12244.txt Fix for CVE-2026-12245: If NSD is configured with DNS over TLS, a client that performs a TLS action, closing the connection early, causes a crash and restart of the server process. An attacker can keep all children in a crash-restart loop denying DoT service. Thanks to Qifan Zhang, Palo Alto Networks for the report. https://www.nlnetlabs.nl/downloads/nsd/CVE-2026-12245.txt Fix for CVE-2026-12246: The RR type APL rdata address, if too large, causes out of bounds write on the stack, when the zonefile is written out. Thanks to Qifan Zhang from Palo Alto Networks, Haruki Oyama from Waseda University and zhangph for the report. https://www.nlnetlabs.nl/downloads/nsd/CVE-2026-12246.txt Fix for CVE-2026-12490: Secondaries authenticated by a client...

Change Log

* Fri Jun 26 2026 Fabio Alessandro Locati - 4.14.3-1 - Update to 4.14.3. Fixes rhbz#2492647 * Fri Jun 12 2026 Yaakov Selkowitz - 4.14.2-2 - Rebuilt for openssl 4.0

References

Fedora Update Notification FEDORA-2026-2843bb1cc8 2026-07-05 00:49:16.510758+00:00 Name : nsd Product : Fedora 43 Version : 4.14.3 Release : 1.fc43 URL : http://www.nlnetlabs.nl/nsd/ Summary : Fast and lean authoritative DNS Name Server Description : NSD is a complete implementation of an authoritative DNS name server. For further information about what NSD is and what NSD is not please consult the REQUIREMENTS document which is a part of this distribution.

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-2843bb1cc8' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: nsd
Product: Fedora 43
Version: 4.14.3
Release: 1.fc43
Summary: Fast and lean authoritative DNS Name Server

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here