AZL-27203 CVE-2023-2828 affecting package dhcp for versions less than 4.4.2-5

🗓️ 21 Jun 2023 17:15:47Reported by GoogleType

osv

osv🔗 osv.dev👁 1 Views

Vulnerability affects dhcp below version 4.4.2-5; BIND named cache can exceed max size due to RRset order.

Reporter	Title	Published	Views	Family All 268
IBM Security Bulletins	Security Bulletin: IBM Spectrum Symphony with ISC BIND is vulnerable to a denial of service	26 Mar 202504:01	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar Network Packet Capture includes components with multiple known vulnerabilities (CVE-2023-2828, CVE-2023-24329, CVE-2022-4839)	14 Nov 202315:29	–	ibm
IBM Security Bulletins	Security Bulletin: AIX is vulnerable to denial of service due to ISC BIND (CVE-2023-2828)	7 Sep 202320:05	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in BIND affects IBM Integrated Analytics System (Sailfish)[CVE-2023-2828]	11 Sep 202311:29	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM includes components with known vulnerabilities	24 Oct 202319:01	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOps	26 Mar 202503:58	–	ibm
IBM Security Bulletins	Security Bulletin: Netcool Operations Insights 1.6.11 addresses multiple security vulnerabilities.	20 Dec 202316:10	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Spectrum Conductor with ISC BIND is vulnerable to a denial of service	5 Oct 202320:12	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Operational Decision Manager for December 2023 - Multiple CVEs addressed	8 Jan 202409:54	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.	12 Sep 202319:10	–	ibm

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2023-2828

21 Apr 2026 04:24Current

7High risk

Vulners AI Score7

CVSS 3.17.5

EPSS0.01176

dhcp bind named resource record set max cache size memory limit cache cleaning vulnerability