Primary

Context

PowerDNS DNSdist Divide-By-Zero Vulnerability Leading to Denial-of-Service

Vulnerability

Patched

A denial-of-service vulnerability has been identified in PowerDNS DNSdist versions through 2.0.3 and 1.9.12. This issue arises from a divide-by-zero error that can be triggered by a client sending a crafted DNSCrypt query, leading to a crash.

Impact

Exploitation of this vulnerability causes a denial-of-service condition by crashing the DNSdist service.

Remediation

Users can upgrade to PowerDNS DNSdist versions 1.9.13 or 2.0.4, or disable DNSCrypt.

Added: Apr 22, 2026, 2:31 PM

Updated: Apr 22, 2026, 2:31 PM

Vulnerability Rating

Custom Algorithm

spread

3.4

impact

2.5

exploitability

8.3

remediation

7.9

relevance

6.5

threat

0.0

urgency

2.9

incentive

8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

3.4

impact

2.5

exploitability

8.3

remediation

7.9

relevance

6.5

threat

0.0

urgency

2.9

incentive

8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

PowerDNS DNSdist Divide-By-Zero Vulnerability Leading to Denial-of-Service

Vulnerability

Impact

Remediation

Affected Products

PowerDNS DNSdist

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating