It was found 1 that in default configuration PowerDNS is allowed to
consume more file descriptors than is available for a default installation
of many Linux distributions.
Default configuration is: 2 threads / 2048 max-mthreads, which leads
to a theoretical FD consumption of 4096. Default FD limit on many
distributions is 1024.
This can potentially lead to the DoS attack.
Workaround (from 1):
Patch is available at 2
References:
https://bugs.mageia.org/show_bug.cgi?id=13521
https://bugzilla.redhat.com/show_bug.cgi?id=1109231
Can a CVE please be assigned if one has not been already?
Thanks.
β Vasyl Kaigorodov | Red Hat Product Security Team PGP: 0xABB6E828 A7E0 87FF 5AB5 48EB 47D0 2868 217B F9FC ABB6 E828