CVE-2024-33655

2024-06-0617:15:51

Debian Security Bug Tracker

security-tracker.debian.org

cve-2024-33655

dns protocol

rfc 1035

denial of service

resource consumption

remote attackers

traffic amplification

unix

6.3 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

14.3%

JSON

The DNS protocol in RFC 1035 and updates allows remote attackers to cause a denial of service (resource consumption) by arranging for DNS queries to be accumulated for seconds, such that responses are later sent in a pulsing burst (which can be considered traffic amplification in some cases), aka the “DNSBomb” issue.

OSVersionArchitecturePackageVersionFilename
Debian12allunbound<= 1.17.1-2+deb12u1unbound_1.17.1-2+deb12u1_all.deb
Debian11allunbound<= 1.13.1-1+deb11u1unbound_1.13.1-1+deb11u1_all.deb
Debian10allunbound<= 1.9.0-2+deb10u2unbound_1.9.0-2+deb10u2_all.deb
Debian999allunbound< 1.20.0-1unbound_1.20.0-1_all.deb
Debian13allunbound< 1.20.0-1unbound_1.20.0-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	unbound	<= 1.17.1-2+deb12u1	unbound_1.17.1-2+deb12u1_all.deb
Debian	11	all	unbound	<= 1.13.1-1+deb11u1	unbound_1.13.1-1+deb11u1_all.deb
Debian	10	all	unbound	<= 1.9.0-2+deb10u2	unbound_1.9.0-2+deb10u2_all.deb
Debian	999	all	unbound	< 1.20.0-1	unbound_1.20.0-1_all.deb
Debian	13	all	unbound	< 1.20.0-1	unbound_1.20.0-1_all.deb