A critical flaw in the design of DNSSEC (DNS Security Extensions) has been found, introducing a vulnerability in all DNSSEC-validating DNS resolver implementations.
By flooding the target resolver with requests exploiting this CVE, an attacker can significantly reduce DNS performance, preventing legitimate clients from accessing the DNS resolution service managed by Artica.
Disabling DNSSEC validation feature inside DNS services will remove the vulnerability.
The following software updates also correct the security issue: