NSD 4.13.0 Heap UAF via TLS Logging on DoT
CVE-2026-12245 Published on June 25, 2026
Denial of DNS over TLS service by any DoT client
NSD from version 4.13.0 has a heap use-after-free bug in the logging of errors on TLS connections, which crashes the server process. It can be triggered trivially by sending a DNS query over a DoT connection and closing the connection without reading the response.
Timeline
Issue reported by Qifan Zhang
NLnet Labs shares patch 15 days later.
Qifan Zhang verifies patch 3 days later.
Fix released with version 4.14.3 10 days later.
Weakness Type
What is a Dangling pointer Vulnerability?
Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.
CVE-2026-12245 has been classified as a Dangling pointer vulnerability or weakness.
Products Associated with CVE-2026-12245
Affected Versions
NLnet Labs NSD: versions from 4.13.0 up to, but not including, 4.14.3 are affected.