5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.104 Low
EPSS
Percentile
94.9%
The Internet Systems Consortium reports:
Organizations across the Internet reported crashes interrupting
service on BIND 9 nameservers performing recursive queries.
Affected servers crashed after logging an error in query.c with
the following message: “INSIST(! dns_rdataset_isassociated(sigrdataset))”
Multiple versions were reported being affected, including all
currently supported release versions of ISC BIND 9.
Because it may be possible to trigger this bug even on networks
that do not allow untrusted users to access the recursive name
servers (perhaps via specially crafted e-mail messages, and/or
malicious web sites) it is recommended that ALL operators of
recursive name servers upgrade immediately.