Platform: linux
Component: maradns
CVE-2026-40719 describes a denial-of-service vulnerability found in MaraDNS. This flaw allows attackers to exhaust connection slots within the DNS server by crafting a malicious zone with an authoritative nameserver address that cannot be resolved. The vulnerability affects MaraDNS version 3.5.0036. As of the publication date, no official patch is available to address this issue.
CVE-2026-40719 affects MaraDNS version 3.5.0036, presenting a denial-of-service (DoS) vulnerability. An attacker can exhaust the server's connection slots by creating a zone with an authoritative nameserver address that cannot be resolved. This causes MaraDNS to repeatedly attempt to resolve the non-existent address, consuming server resources and potentially disrupting service. The vulnerability is rated as 7.5 on the CVSS scale, indicating a significant impact. Currently, there is no official fix available for this vulnerability, increasing the risk to affected systems. The lack of a patch necessitates alternative mitigation measures to protect MaraDNS servers.
The vulnerability is exploited by creating an authoritative DNS zone in MaraDNS that points to a non-existent nameserver. MaraDNS, upon attempting to resolve the authoritative nameserver address, enters a retry loop, consuming server resources until available connection slots are exhausted. This attack is relatively simple to execute and requires no authentication, making it a significant threat to MaraDNS servers exposed to the internet. The effectiveness of the attack depends on the MaraDNS server configuration and the attacker's ability to create a malicious authoritative zone. The absence of an official fix means administrators must take proactive steps to protect their systems.
Exploit Status
EPSS: 0.02% (4% percentile)
CISA SSVC
As there is no official fix for CVE-2026-40719, mitigation focuses on limiting exposure and reducing potential impact. Implementing firewall rules to restrict access to MaraDNS ports to trusted sources is recommended. Closely monitoring server resource usage, particularly CPU and memory, can help detect ongoing attacks. Consider temporarily disabling problematic authoritative zones or modifying their configuration to prevent resolving invalid names. Finally, keeping MaraDNS software updated to the latest available version is advisable (although it doesn't address this specific vulnerability, it may address others). Implementing these measures can help reduce the risk of a DoS attack.
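An added example (not from this advisory or the MaraDNS project) of the connection monitoring suggested above: it parses a /proc/net/udp-style table and reports how many sockets the resolver holds toward remote port 53 against a slot budget. The resolver uid, the slot limit and the one-socket-per-pending-query model are assumptions, and the sample table is constructed.

```python
import socket
import struct
from collections import Counter

# Constructed sample in /proc/net/udp layout (IPv4 only; not from a real host).
# uid 707 is an assumed dedicated account for the resolver process.
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode ref pointer drops
  10: 0100007F:0035 00000000:0000 07 00000000:00000000 00:00000000 00000000   707        0 1001 2 0000000000000000 0
  11: 0A00000A:C001 010200C0:0035 01 00000000:00000000 00:00000000 00000000   707        0 1002 2 0000000000000000 0
  12: 0A00000A:C002 010200C0:0035 01 00000000:00000000 00:00000000 00000000   707        0 1003 2 0000000000000000 0
  13: 0A00000A:C003 020200C0:0035 01 00000000:00000000 00:00000000 00000000   707        0 1004 2 0000000000000000 0
  14: 0A00000A:D000 010200C0:0035 01 00000000:00000000 00:00000000 00000000  1000        0 1005 2 0000000000000000 0
"""


def _addr(field):
    """Decode 'HEXIP:HEXPORT' as printed on little-endian hosts."""
    ip_hex, port_hex = field.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)


def parse_udp_table(text):
    """Return one dict per socket row, skipping the header line."""
    rows = []
    for line in text.splitlines()[1:]:
        f = line.split()
        if len(f) < 8:
            continue  # truncated or blank row
        rows.append({"local": _addr(f[1]), "remote": _addr(f[2]), "uid": int(f[7])})
    return rows


def slot_pressure(text, resolver_uid, slot_limit, warn_ratio=0.8):
    """Count the resolver's sockets aimed at remote port 53 against a budget."""
    pending = [r for r in parse_udp_table(text)
               if r["uid"] == resolver_uid and r["remote"][1] == 53]
    by_upstream = Counter(r["remote"][0] for r in pending)
    return {
        "pending": len(pending),
        "ratio": len(pending) / slot_limit,
        "alert": len(pending) >= warn_ratio * slot_limit,  # assumed threshold
        "by_upstream": dict(by_upstream),
    }


if __name__ == "__main__":
    print(slot_pressure(SAMPLE, resolver_uid=707, slot_limit=4))
```

On a live host, pass the contents of /proc/net/udp instead of SAMPLE and set slot_limit to the connection limit configured for the resolver.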
Update MaraDNS to a fixed version to avoid connection exhaustion. Consult the official MaraDNS changelog for information on available versions and upgrade instructions.
'Deadwood' refers to how MaraDNS gets 'stuck' attempting to resolve a non-existent address, consuming server resources.
Implement the recommended mitigation measures, such as firewall rules and resource monitoring.
Yes, the vulnerability is remotely exploitable as it requires no authentication.
Use operating system monitoring tools or network monitoring software to track CPU, memory, and network connection usage.
Currently, there are no specific tools to detect this vulnerability, but resource monitoring can help identify suspicious activity.
CVSS Vector