"'KeyTrap' DNS Bug Threatens Widespread Internet Outages"

Researchers recently discovered a fundamental design flaw in a Domain Name System (DNS) security extension that could lead to widespread Internet outages. The security vulnerability, called KeyTrap and tracked as CVE-2023-50387, was discovered by a team from the Germany-based ATHENE National Research Center for Applied Cybersecurity. According to the team, a single packet sent to a DNS server implementation using the DNSSEC extension to validate traffic could cause the server to enter a resolution loop, consuming all of its own computing power and stalling. If multiple DNS servers were exploited simultaneously with KeyTrap, widespread Internet outages could occur. This article continues to discuss the potential exploitation and impact of the KeyTrap DNS bug.

Dark Reading reports "'KeyTrap' DNS Bug Threatens Widespread Internet Outages"

Submitted by grigby1

Submitted by Gregory Rigby on