Named TuDoor, the attack uses malformed DNS packets to trigger logic errors inside DNS software. The attack specifically targets the part of the DNS resolver that prepares DNS responses for user queries.
Academics say they can use a quick succession of malformed packets to poison a DNS resolver’s cache, cause a denial of service, or increase a server’s resource consumption.
So far, patches have been released by Google, Microsoft, Cloudflare, BIND, Knot, AdGuard, and others.