bind: assertion failure while handling responses containing a DNAME answer

🗓️ 02 Nov 2016 16:07:20Reported by RedHatType

redhat

redhat🔗 access.redhat.com👁 3 Views

Bind assertion failure on delegation name records may cause denial of service by crafted replies.

Reporter	Title	Published	Views	Family All 173
FreeBSD	BIND -- Remote Denial of Service vulnerability	1 Nov 201600:00	–	freebsd
IBM Security Bulletins	Security Bulletin: IBM i is affected by networking BIND vulnerabilities (CVE-2016-2775, CVE-2016-2776, CVE-2016-8864 and CVE-2016-6170)	18 Dec 201914:26	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in bind affect PowerKVM (CVE-2016-2776, CVE-2016-8864)	18 Jun 201801:33	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in BIND affects IBM Netezza Host Management	18 Oct 201903:10	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in BIND affects Power Hardware Management Console (CVE-2016-8864)	23 Sep 202101:31	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in expat, nss, bind , policycoreutils, sudo shipped with SmartCloud Entry Appliance	19 Jul 202000:49	–	ibm
Tenable Nessus	ISC BIND 9.x < 9.9.9-P4 / 9.9.9-S6 / 9.10.4-P4 / 9.11.0-P1 DoS	20 Jan 201700:00	–	nessus
Tenable Nessus	AIX bind Advisory : bind_advisory14.asc (IV91214) (IV91253) (IV91254) (IV91255) (IV91256) (IV91257)	3 Aug 201700:00	–	nessus
Tenable Nessus	AIX 7.1 TL 3 : bind (IV91214) (deprecated)	16 Dec 201600:00	–	nessus
Tenable Nessus	AIX 5.3 TL 12 : bind (IV91253) (deprecated)	28 Dec 201600:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Red Hat Enterprise Linux	5	i386	bind97	32:9.7.0-21.P2.el5_11.9	bind97-32:9.7.0-21.P2.el5_11.9.i386.rpm
Red Hat Enterprise Linux	5	ia64	bind97	32:9.7.0-21.P2.el5_11.9	bind97-32:9.7.0-21.P2.el5_11.9.ia64.rpm
Red Hat Enterprise Linux	5	ppc	bind97	32:9.7.0-21.P2.el5_11.9	bind97-32:9.7.0-21.P2.el5_11.9.ppc.rpm
Red Hat Enterprise Linux	5	s390x	bind97	32:9.7.0-21.P2.el5_11.9	bind97-32:9.7.0-21.P2.el5_11.9.s390x.rpm
Red Hat Enterprise Linux	5	x86_64	bind97	32:9.7.0-21.P2.el5_11.9	bind97-32:9.7.0-21.P2.el5_11.9.x86_64.rpm
Red Hat Enterprise Linux	5	i386	bind97-chroot	32:9.7.0-21.P2.el5_11.9	bind97-chroot-32:9.7.0-21.P2.el5_11.9.i386.rpm
Red Hat Enterprise Linux	5	ia64	bind97-chroot	32:9.7.0-21.P2.el5_11.9	bind97-chroot-32:9.7.0-21.P2.el5_11.9.ia64.rpm
Red Hat Enterprise Linux	5	ppc	bind97-chroot	32:9.7.0-21.P2.el5_11.9	bind97-chroot-32:9.7.0-21.P2.el5_11.9.ppc.rpm
Red Hat Enterprise Linux	5	s390x	bind97-chroot	32:9.7.0-21.P2.el5_11.9	bind97-chroot-32:9.7.0-21.P2.el5_11.9.s390x.rpm
Red Hat Enterprise Linux	5	x86_64	bind97-chroot	32:9.7.0-21.P2.el5_11.9	bind97-chroot-32:9.7.0-21.P2.el5_11.9.x86_64.rpm

Source	Link
access	www.access.redhat.com/security/cve/CVE-2016-8864
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
kb	www.kb.isc.org/article/AA-01434
nvd	www.nvd.nist.gov/vuln/detail/CVE-2016-8864
cve	www.cve.org/CVERecord

21 Nov 2025 17:58Current

7.1High risk

Vulners AI Score7.1

CVSS 25

CVSS 3.17.5

EPSS0.44377

bind delegation name record denial of service crafted replies remote attacker