Lucene search
RedHatRHSA-2024:3271HistoryMay 22, 2024 - 10:41 a.m.
(RHSA-2024:3271) Important: bind and dhcp security update
2024-05-2210:41:26
access.redhat.com
10
bind
dhcp
dns
security protocols
cve-2023-4408
cve-2023-50387
cve-2023-50868
cpu load
dns server
dhcp protocol
network configuration
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.
The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.
Security Fix(es):
-
bind9: Parsing large DNS messages may cause excessive CPU load (CVE-2023-4408)
-
bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator (CVE-2023-50387)
-
bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources (CVE-2023-50868)
Bug Fix:
- dhcp rebuilt after API change of bind-export-libs
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 8 | ppc64le | bind-utils-debuginfo | < 9.11.36-14.el8_10 | bind-utils-debuginfo-9.11.36-14.el8_10.ppc64le.rpm |
| RedHat | 8 | ppc64le | dhcp-libs | < 4.3.6-50.el8_10 | dhcp-libs-4.3.6-50.el8_10.ppc64le.rpm |
| RedHat | 8 | ppc64le | dhcp-client-debuginfo | < 4.3.6-50.el8_10 | dhcp-client-debuginfo-4.3.6-50.el8_10.ppc64le.rpm |
| RedHat | 8 | s390x | bind-devel | < 9.11.36-14.el8_10 | bind-devel-9.11.36-14.el8_10.s390x.rpm |
| RedHat | 8 | i686 | bind-pkcs11-debuginfo | < 9.11.36-14.el8_10 | bind-pkcs11-debuginfo-9.11.36-14.el8_10.i686.rpm |
| RedHat | 8 | ppc64le | bind-export-libs-debuginfo | < 9.11.36-14.el8_10 | bind-export-libs-debuginfo-9.11.36-14.el8_10.ppc64le.rpm |
| RedHat | 8 | aarch64 | dhcp-relay-debuginfo | < 4.3.6-50.el8_10 | dhcp-relay-debuginfo-4.3.6-50.el8_10.aarch64.rpm |
| RedHat | 8 | aarch64 | bind-utils | < 9.11.36-14.el8_10 | bind-utils-9.11.36-14.el8_10.aarch64.rpm |
| RedHat | 8 | x86_64 | bind-devel | < 9.11.36-14.el8_10 | bind-devel-9.11.36-14.el8_10.x86_64.rpm |
| RedHat | 8 | s390x | bind-sdb-chroot | < 9.11.36-14.el8_10 | bind-sdb-chroot-9.11.36-14.el8_10.s390x.rpm |
Related
oraclelinux
oraclelinux
bind and dhcp security update
2024-05-29 00:00:00
bind, bind-dyndb-ldap, and dhcp security update
2024-06-10 00:00:00
bind and dhcp security update
2024-04-11 00:00:00
nessus
nessus
Oracle Linux 7 : bind, / bind-dyndb-ldap, / and / dhcp (ELSA-2024-3741)
2024-06-11 00:00:00
Oracle Linux 8 : bind / and / dhcp (ELSA-2024-1782)
2024-04-12 00:00:00
SUSE SLES12 Security Update : bind (SUSE-SU-2024:1894-1)
2024-06-04 00:00:00
osv
osv
Important: bind and dhcp security update
2024-05-22 00:00:00
Important: bind and dhcp security update
2024-05-06 13:04:07
Important: bind and dhcp security update
2024-06-14 13:59:16
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:1894-1)
2024-06-03 00:00:00
Fedora: Security Advisory for dnsmasq (FEDORA-2024-e00eceb11c)
2024-02-29 00:00:00
Fedora: Security Advisory for dnsmasq (FEDORA-2024-e24211eff0)
2024-02-20 00:00:00
redhat
redhat
(RHSA-2024:1782) Important: bind and dhcp security update
2024-04-11 10:46:31
(RHSA-2024:2890) Important: bind and dhcp security update
2024-05-16 11:37:09
(RHSA-2024:2721) Important: bind and dhcp security update
2024-05-07 06:32:21
almalinux
almalinux
Important: bind and dhcp security update
2024-05-22 00:00:00
Important: bind and dhcp security update
2024-04-12 00:00:00
Important: unbound security update
2024-02-26 00:00:00
rocky
rocky
bind and dhcp security update
2024-05-06 13:04:07
bind and dhcp security update
2024-06-14 13:59:16
dnsmasq security update
2024-03-27 04:34:32
fedora
fedora
[SECURITY] Fedora 38 Update: pdns-recursor-4.8.6-1.fc38
2024-02-23 01:32:18
[SECURITY] Fedora 39 Update: unbound-1.19.1-2.fc39
2024-02-18 00:55:50
[SECURITY] Fedora 38 Update: unbound-1.19.1-1.fc38
2024-02-29 01:59:24
ubuntu
ubuntu
Unbound vulnerabilities
2024-02-28 00:00:00
Bind vulnerabilities
2024-04-09 00:00:00
Bind vulnerabilities
2024-02-13 00:00:00
debian
debian
[SECURITY] [DLA 3816-1] bind9 security update
2024-05-17 18:05:06
[SECURITY] [DSA 5626-1] pdns-recursor security update
2024-02-18 16:35:24
[SECURITY] [DLA 3736-1] unbound security update
2024-02-21 12:21:02
cloudlinux
cloudlinux
bind: Fix of 2 CVEs
2024-03-14 17:26:05
cloudfoundry
cloudfoundry
USN-6665-1: Unbound vulnerabilities | Cloud Foundry
2024-04-04 00:00:00
USN-6633-1: Bind vulnerabilities | Cloud Foundry
2024-02-29 00:00:00
slackware
slackware
[slackware-security] dnsmasq
2024-02-14 04:22:19
freebsd
freebsd
DNSSEC validators -- denial-of-service/CPU exhaustion from KeyTrap and NSEC3 vulnerabilities
2024-02-06 00:00:00
powerdns-recursor -- Multiple Vulnerabilities
2024-02-14 00:00:00
mageia
mageia
Updated unbound packages fix security vulnerabilities
2024-02-17 03:55:07
Updated dnsmasq packages fix security vulnerabilities
2024-02-18 04:49:05
Updated bind packages fix security vulnerabilities
2024-02-15 21:36:07
amazon
amazon
Important: bind
2024-04-24 22:15:00
Important: unbound
2024-02-29 10:03:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-24:03.unbound
2024-03-28 00:00:00
redos
redos
ROS-20240611-09
2024-06-11 00:00:00
ROS-20240410-09
2024-04-10 00:00:00
akamaiblog
akamaiblog
photon
photon
Important Photon OS Security Update - PHSA-2024-3.0-0726
2024-02-14 00:00:00