logo
DATABASE RESOURCES PRICING ABOUT US

F5 Networks BIG-IP : BIND vulnerability (K10092301)

Description

A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c. Versions affected: BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12.4-P1, 9.14.0 -> 9.14.2. Also all releases of the BIND 9.13 development branch and version 9.15.0 of the BIND 9.15 development branch and BIND Supported Preview Edition versions 9.11.3-S1 -> 9.11.7-S1. (CVE-2019-6471) Impact A remote attacker, who could cause the BIND resolver to perform queries on a server, which responds deliberately with malformed answers, can cause named to exit and result in a denial-of-service (DoS) condition.


Related