PowerDNS Recursor Null Pointer Dereference Vulnerability in Zone Caching Function

Vulnerability

A null pointer dereference vulnerability has been identified in PowerDNS Recursor. This issue arises in the zoneToCache function when it processes data from a malicious authoritative server. The vulnerability is caused by a lack of proper consistency checks, allowing an attacker to send a crafted zone that leads to the null pointer dereference, ultimately causing a denial-of-service condition.

Impact

Exploitation of this vulnerability leads to a null pointer dereference, causing a denial-of-service condition by crashing the PowerDNS Recursor process.

Added: Apr 22, 2026, 11:11 AM

Updated: Apr 22, 2026, 11:11 AM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

2.5

exploitability

7.0

remediation

0.0

relevance

6.5

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

2.5

exploitability

7.0

remediation

0.0

relevance

6.5

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

PowerDNS Recursor Null Pointer Dereference Vulnerability in Zone Caching Function

Vulnerability

Impact

Affected Products

PowerDNS Recursor

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating