CVE-2024-1737

Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versions 9.11.0 throug...

AZL-46981 CVE-2024-1737 affecting package bind for versions less than 9.20.0-1

Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versions 9.11.0 throug...

AZL-47030 CVE-2024-1737 affecting package dhcp for versions less than 4.4.3.P1-2

Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versions 9.11.0 throug...

DEBIAN-CVE-2024-1737

Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versions 9.11.0 throug...

DEBIAN-CVE-2024-1975

If a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a "KEY" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG0 signed requests. This issue affects BIND 9 versions 9.0.0 through...

ALPINE-CVE-2024-1737

Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versions 9.11.0 throug...

AZL-46988 CVE-2024-1737 affecting package bind for versions less than 9.16.50-1

Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versions 9.11.0 throug...

AZL-46969 CVE-2024-1975 affecting package bind for versions less than 9.20.0-1

If a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a "KEY" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG0 signed requests. This issue affects BIND 9 versions 9.0.0 through...

AZL-47000 CVE-2024-1975 affecting package bind for versions less than 9.16.50-1

If a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a "KEY" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG0 signed requests. This issue affects BIND 9 versions 9.0.0 through...

CVE-2024-1737

Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versions 9.11.0 throug...

CVE-2024-1737

Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versions 9.11.0 throug...

UBUNTU-CVE-2024-1737

Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versions 9.11.0 throug...

PT-2024-5529 · Isc +12 · Bind 9 +12

Name of the Vulnerable Software and Affected Versions: BIND 9 versions 9.0.0 through 9.11.37 BIND 9 versions 9.16.0 through 9.16.50 BIND 9 versions 9.18.0 through 9.18.27 BIND 9 versions 9.19.0 through 9.19.24 BIND 9 versions 9.9.3-S1 through 9.11.37-S1 BIND 9 versions 9.16.8-S1 through 9.16.49-S...

UBUNTU-CVE-2024-1975

If a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a "KEY" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG0 signed requests. This issue affects BIND 9 versions 9.0.0 through...

GHSA-CRJG-W57M-RQQF DNSJava vulnerable to KeyTrap - Denial-of-Service Algorithmic Complexity Attacks

Impact Users using the ValidatingResolver for DNSSEC validation can run into CPU exhaustion with specially crafted DNSSEC-signed zones. Patches Users should upgrade to dnsjava v3.6.0 Workarounds Although not recommended, only using a non-validating resolver, will remove the vulnerability...

DNSJava vulnerable to KeyTrap - Denial-of-Service Algorithmic Complexity Attacks

Impact Users using the ValidatingResolver for DNSSEC validation can run into CPU exhaustion with specially crafted DNSSEC-signed zones. Patches Users should upgrade to dnsjava v3.6.0 Workarounds Although not recommended, only using a non-validating resolver, will remove the vulnerability...

com.netki:wallet-name-resolver (>=0.0.2 <=0.1.3), org.id4me:relying-party-api (>=1.0 <=2.19) potentially affected by CVE-2023-50387 via org.jitsi:dnssecjava (>=1.0 <=2.0.0)

org.jitsi:dnssecjava MAVEN version =1.0, =0.0.2, =1.0, =2.19 Source cves: CVE-2023-50387 Source advisory: OSV:GHSA-CRJG-W57M-RQQF...

DNSJava affected by KeyTrap - NSEC3 closest encloser proof can exhaust CPU resources

Impact Users using the ValidatingResolver for DNSSEC validation can run into CPU exhaustion with specially crafted DNSSEC-signed zones. Patches Users should upgrade to dnsjava v3.6.0 Workarounds Although not recommended, only using a non-validating resolver, will remove the vulnerability...

com.netki:wallet-name-resolver (>=0.0.2 <=0.1.3), org.id4me:relying-party-api (>=1.0 <=2.19) potentially affected by CVE-2023-50868 via org.jitsi:dnssecjava (>=1.0 <=2.0.0)

org.jitsi:dnssecjava MAVEN version =1.0, =0.0.2, =1.0, =2.19 Source cves: CVE-2023-50868 Source advisory: OSV:GHSA-MMWX-RJ87-VFGR...

GHSA-MMWX-RJ87-VFGR DNSJava affected by KeyTrap - NSEC3 closest encloser proof can exhaust CPU resources

Impact Users using the ValidatingResolver for DNSSEC validation can run into CPU exhaustion with specially crafted DNSSEC-signed zones. Patches Users should upgrade to dnsjava v3.6.0 Workarounds Although not recommended, only using a non-validating resolver, will remove the vulnerability...