CVE Catalog

CVE-2026-40211

MediumCVSS 5.3
Published: Updated: Translated: NVD NIST

Summary

An attacker can send crafted DNS over HTTP/3 queries, triggering an exception that prevents some buffer from being freed right away. The buffer will be freed at the end of the QUIC connection, but on some setups it might be possible to open enough concurrent DoH3 streams to trigger an out-of-memory condition, resulting in a denial of service.

Risk Assessment

The risk is a potential DoS attack via memory exhaustion, which can disrupt DNS services and impact the availability of the entire network infrastructure.

Recommendation

It is recommended to limit the number of concurrent DoH3 streams and apply memory limits for QUIC connections. Also consider updating the software once a patch is available.

Original NVD description (English source)

An attacker can send crafted DNS over HTTP/3 queries, triggering an exception that prevents some buffer from being freed right away. The buffer will be freed at the end of the QUIC connection, but on some setups it might be possible to open enough concurrent DoH3 streams to trigger an out-of-memory condition, resulting in a denial of service.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS