CVE-2023-28452 Information

Description

An issue was discovered in CoreDNS through 1.10.1. There is a vulnerability in DNS resolving software which triggers a resolver to ignore valid responses thus causing denial of service for normal resolution. In an exploit the attacker could just forge a response targeting the source port of a vulnerable resolver without the need to guess the correct TXID.

Reference

https://coredns.io/ https://gist.github.com/idealeer/e41c7fb3b661d4262d0b6f21e12168ba