“A single packet can exhaust the processing capacity of a vulnerable DNS server, effectively disabling the machine, by exploiting a 20-plus-year-old design flaw in the DNSSEC specification.
https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/
