A critical vulnerability in CoreDNS allows attackers with etcd write access to poison DNS caches for years, disrupting service availability and integrity. The flaw misinterprets lease IDs as TTL values, enabling attackers to pin stale DNS records and bypass updates like IP rotations. Mitigation requires updates, access reviews, and configurable TTL limits to prevent prolonged service outages.
Latest mentioned: 09-11
Earliest mentioned: 09-11