NSD: Symbolic link traversal

NSD: Symbolic link traversal A vulnerability was discovered in NSD which could allow a local attacker to cause a Denial of Service condition. nsd 2021-01-29 2021-01-29 758977 local 4.3.4 4.3.4

An authoritative only, high performance, open source name server

A local vulnerability was discovered that would allow for a local symlink attack due to how NSD handles PID files.

A local attacker could cause a Denial of Service condition.

There is no known workaround at this time.

All NSD users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=net-dns/nsd-4.3.4"

CVE-2020-28935 Upstream advisory whissi b-man