vulnerability context

CVE-2026-12244

CWE-122OTX 1 pulse

If NSD is configured as secondary for a zone, the primary of that zone can crash NSD with an AXFR containing a DNS message with a special crafted SVCB RR with an rdata size of 65512, that let's an (uint16_t) variable that is used to allocate space needed for the RR wrap (because total size > 65535), causing a heap overflow. The attacker can perform a controlled (RCE class) head write of up to 65509 bytes

Published 2026-06-25 · last modified 2026-06-25

details

CISA KEV status: Not in catalog
CWE: CWE-122
OTX pulses: 1 total, 0 recent

View on NVD → · cve.org

source mentions 2

Several vulnerabilities were found in NLnet Labs NSDoss-security · 1h ago
[CVE Alerts ] CVE-2026-12244 - Heap overflow and crash with crafted SVCB RR CVE ID : CVE-2026-12244 Published : June 25, 2026, ...Bluesky · 11h ago

source consensus

oss-security1×
Bluesky1×

Want the 3-bullet summary of CVE-2026-12244, plus webhook alerts when KEV is updated? Pro is $10/mo.

Open in reader See Pro →