CVE-2026-33259
Use-After-Free in RPZ Transfers Causes Recursor Crash
Publication date: 2026-04-22
Last updated on: 2026-04-27
Assigner: Open-Xchange
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| powerdns | recursor | From 5.2.0 (inc) to 5.2.9 (exc) |
| powerdns | recursor | From 5.3.0 (inc) to 5.3.6 (exc) |
| powerdns | recursor | 5.4.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-416 | The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs when there are many concurrent transfers of the same RPZ (Response Policy Zone). Such concurrent transfers can lead to inconsistent RPZ data, use-after-free errors, and potentially cause the recursor (the DNS resolver component) to crash.
Normally, concurrent transfers of the same RPZ zone should not happen unless there is a malfunction in the RPZ provider.
How can this vulnerability impact me? :
The vulnerability can cause the DNS recursor to crash due to inconsistent RPZ data or use-after-free errors. This can lead to denial of service or instability in DNS resolution.