Got this from a friend of mine, I can’t verify. Any comments?
So this is an interesting one: Updated info yesterday from Microsoft regarding a DNS protocol (?) vulnerability in DNS resolvers - with no CVE reference. First released on Dec 8, 2020, last updated Aug 28, 2025. No CVE. No PoC or known exploitation. A DNS cache poisoning caused by IP fragmentation (!), and the suggested (temporary?) workaround is to reduce the Maximum UDP packet size to 1221 bytes, so that larger requests will switch to TCP.
I've seen some weird issues & workarounds throughout my years. This is absolutely one of those cases!
https://msrc.microsoft.com/update-guide/vulnerability/ADV200013
/amel
________________________
Anne-Marie Eklund Löwinder
Amelsec AB
Hägervägen 27, 122 39 Enskede
+46 734315310
@amelsec.bsky.social
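Editor's note on the mechanism behind the workaround, as an added example that is not part of the post or of Microsoft's advisory: the setting caps the EDNS0 UDP payload size the resolver advertises in its queries. An authoritative server that cannot fit its answer into that size must drop the answer and set the TC (truncated) bit, and the resolver then repeats the query over TCP. Because 1221 bytes plus IP/UDP headers fits in a single unfragmented datagram even on a 1280-byte IPv6 minimum MTU, the large UDP responses that would otherwise arrive as IP fragments (the surface that fragment-injection cache poisoning relies on) no longer travel over UDP at all. The simulation below builds real RFC 1035/6891 wire-format messages but runs entirely in-process; the "server", the transport and the 1532-byte TXT answer are constructed stand-ins, and the constant names are mine.

```python
"""In-process simulation of EDNS0 buffer size -> TC bit -> TCP retry.
Wire format follows RFC 1035 / RFC 6891; server, transport and the sample
answer are constructed for this example (nothing here is Microsoft's code)."""
import struct

TC_FLAG = 0x0200           # "truncated" bit in the DNS header flags word
OPT_TYPE = 41              # EDNS0 OPT pseudo-RR type (RFC 6891)
MS_WORKAROUND_UDP = 1221   # value ADV200013 recommends for MaximumUdpPacketSize
TXT_TYPE = 16


def encode_name(name):
    """Encode a dotted name as uncompressed DNS labels."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def uncompressed_name_len(msg, off):
    """Byte length of an uncompressed name starting at offset off."""
    start = off
    while msg[off] != 0:
        off += 1 + msg[off]
    return off + 1 - start


def build_query(name, qtype, udp_size, txid=0x1234):
    """Resolver query with an OPT record advertising its UDP buffer size."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 1)  # RD set, 1 Q, 1 ADD
    question = encode_name(name) + struct.pack("!HH", qtype, 1)
    # OPT RR: root name, TYPE=41, CLASS=udp payload size, TTL=ext flags, RDLEN=0
    opt = b"\x00" + struct.pack("!HHIH", OPT_TYPE, udp_size, 0, 0)
    return header + question + opt


def advertised_udp_size(query):
    """UDP payload size from the query's OPT record; 512 without EDNS0.
    Assumes one question and that the first additional record is the OPT RR."""
    arcount = struct.unpack("!H", query[10:12])[0]
    off = 12 + uncompressed_name_len(query, 12) + 4   # skip QNAME, QTYPE, QCLASS
    if arcount == 0:
        return 512
    rtype, size = struct.unpack("!HH", query[off + 1:off + 5])
    return size if rtype == OPT_TYPE else 512


def build_response(query, txt_chunks, transport):
    """Constructed authoritative answer: one TXT RR per chunk.  Over UDP the
    answer section is dropped and TC set when the reply exceeds the buffer."""
    txid = struct.unpack("!H", query[:2])[0]
    qlen = uncompressed_name_len(query, 12) + 4
    question = query[12:12 + qlen]
    answers = b""
    for chunk in txt_chunks:
        rdata = bytes([len(chunk)]) + chunk               # one <character-string>
        # name = pointer to offset 12 (question name), TYPE TXT, IN, TTL 60
        answers += b"\xc0\x0c" + struct.pack("!HHIH", TXT_TYPE, 1, 60, len(rdata)) + rdata
    opt = b"\x00" + struct.pack("!HHIH", OPT_TYPE, 4096, 0, 0)
    flags = 0x8180                                         # QR, RD, RA
    full = struct.pack("!HHHHHH", txid, flags, 1, len(txt_chunks), 0, 1) + question + answers + opt
    if transport == "udp" and len(full) > advertised_udp_size(query):
        # Would need IP fragmentation: send an empty, truncated reply instead.
        return struct.pack("!HHHHHH", txid, flags | TC_FLAG, 1, 0, 0, 1) + question + opt
    return full


def resolve(name, udp_size, server):
    """Resolver side: try UDP, and repeat the query over TCP if TC is set.
    Returns (transport used, answer count, reply size in bytes)."""
    query = build_query(name, TXT_TYPE, udp_size)
    transport = "udp"
    reply = server(query, transport)
    if struct.unpack("!H", reply[2:4])[0] & TC_FLAG:
        transport = "tcp"
        reply = server(query, transport)
    ancount = struct.unpack("!H", reply[6:8])[0]
    return transport, ancount, len(reply)


# Constructed 7 x 200-byte TXT answer: 1532 bytes on the wire, above a 1500-byte MTU.
BIG_ANSWER = [b"x" * 200 for _ in range(7)]


def demo():
    server = lambda q, t: build_response(q, BIG_ANSWER, t)
    return {
        "default_4096": resolve("example.test.", 4096, server),
        "workaround_1221": resolve("example.test.", MS_WORKAROUND_UDP, server),
    }


if __name__ == "__main__":
    for label, result in demo().items():
        print(label, result)
```

With a 4096-byte buffer the 1532-byte reply is accepted over UDP, which on a real network means it arrives as IP fragments; with the advisory's 1221-byte buffer the same reply comes back as a 41-byte truncated UDP message and the resolver fetches it over TCP. The advisory applies this on a Windows DNS server with `dnscmd /Config /MaximumUdpPacketSize 0x4C5` (0x4C5 = 1221) followed by a restart of the DNS service. Two caveats a practitioner would check before relying on it: port 53/TCP must actually be reachable from the resolver to the authoritative servers it recurses to, or every large answer becomes a failure rather than a TCP retry, and the cap does nothing for responses that already fit in 1221 bytes, so it narrows the fragmentation surface rather than addressing spoofing in general.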