PowerDNS Authoritative Server RPZ Null Pointer Dereference Vulnerability Leading to Denial-of-Service

Vulnerability

A null pointer dereference vulnerability has been identified in PowerDNS Authoritative Server. This issue arises when a malicious authoritative server sends a Response Policy Zone (RPZ) that triggers the null pointer dereference, due to a lack of proper consistency checks. The vulnerability can be exploited to cause a denial-of-service condition.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition, causing the server to become unresponsive or unavailable.

Added: Apr 22, 2026, 11:11 AM

Updated: Apr 22, 2026, 11:11 AM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

2.5

exploitability

7.0

remediation

0.0

relevance

6.5

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

2.5

exploitability

7.0

remediation

0.0

relevance

6.5

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

PowerDNS Authoritative Server RPZ Null Pointer Dereference Vulnerability Leading to Denial-of-Service

Vulnerability

Impact

Affected Products

PowerDNS Recursor

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating