CVE-2025-58063
HIGHDescription
CoreDNS is a DNS server that chains plugins. Starting in version 1.2.0 and prior to version 1.12.4, the CoreDNS etcd plugin contains a TTL confusion vulnerability where lease IDs are incorrectly used as TTL values, enabling DNS cache pinning attacks. This effectively creates a DoS condition for DNS resolution of affected services. The `TTL()` function in `plugin/etcd/etcd.go` incorrectly casts etcd lease IDs (64-bit integers) to uint32 and uses them as TTL values. Large lease IDs become very large TTLs when cast to uint32. This enables cache pinning attacks. Version 1.12.4 contains a fix for the issue.
Is your site exposed to CVE-2025-58063?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
References
Frequently Asked Questions
What is CVE-2025-58063? +
How severe is CVE-2025-58063? +
How do I check if I'm vulnerable to CVE-2025-58063? +
Related Vulnerabilities
Microsoft ODBC Driver Remote Code Execution Vulnerability
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker to execute code locally.
dsp_mmap_single() validated the requested mapping by checking the sum of the user-supplied offset and length against the buffer size. This …
Incorrect conversion between numeric types in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause an incorrect conversion between numeric types, leading …