CVE-2023-28452: CoreDNS vulnerable to TuDoor Attacks

September 18, 2024 (updated September 25, 2024)

An issue was discovered in CoreDNS through 1.10.1. There is a vulnerability in DNS resolving software, which triggers a resolver to ignore valid responses, thus causing denial of service for normal resolution. In an exploit, the attacker could just forge a response targeting the source port of a vulnerable resolver without the need to guess the correct TXID.

References

coredns.io/
gist.github.com/idealeer/e41c7fb3b661d4262d0b6f21e12168ba
github.com/advisories/GHSA-hfmw-7g3m-gj6q
github.com/coredns/coredns
github.com/coredns/coredns/commit/604a902e2c7e0317aecaa3666124079c75a31573
nvd.nist.gov/vuln/detail/CVE-2023-28452

Code Behaviors & Features

Detect and mitigate CVE-2023-28452 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →