Versions Affected : All verisons prior to FreeNAS 11.3-U3.2


Description

Malformed answers from upstream name servers can send Unbound into an infinite loop, resulting in denial of service.

A malicious query can cause a traffic amplification attack against third party authoritative nameservers. Denial of service of the affected host, or of third parties via traffic amplification.


Workaround

No workaround is available.


Mitigation

  • Upgrade to FreeNAS 11.3-U4.1 or later.

Commit


Further information