Lucene search
K

196 matches found

Positive Technologies
Positive Technologies
added 2024/10/31 12:0 a.m.8 views

PT-2024-38657

Name of the Vulnerable Software and Affected Versions Arm Cortex-M Security Extensions CMSE affected versions not specified Description The issue allows Secure stack contents to be leaked to Non-secure state via floating-point registers when a Secure to Non-secure function call is made that retur...

3.7CVSS4.8AI score0.00478EPSS
Exploits1References28
RedHat Linux
RedHat Linux
added 2024/08/26 8:21 a.m.5 views

bind9: bind: SIG(0) can be used to exhaust CPU resources

A flaw was found in the bind9 package, where if a DNS server hosts a zone containing a "KEY" resource record or a DNS resolver utilizes the DNSSEC validate feature to validate a "KEY" resource record, a malicious client could exhaust the CPU resourced from the resolver by sending a stream of SIG0...

7.5CVSS5.7AI score0.02114EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/08/15 7:27 a.m.4 views

bind9: bind: SIG(0) can be used to exhaust CPU resources

A flaw was found in the bind9 package, where if a DNS server hosts a zone containing a "KEY" resource record or a DNS resolver utilizes the DNSSEC validate feature to validate a "KEY" resource record, a malicious client could exhaust the CPU resourced from the resolver by sending a stream of SIG0...

7.5CVSS5.7AI score0.02114EPSS
Exploits0References4
OSV
OSV
added 2024/07/23 3:15 p.m.4 views

DEBIAN-CVE-2024-1975

If a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a "KEY" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG0 signed requests. This issue affects BIND 9 versions 9.0.0 through...

7.5CVSS7.9AI score0.02114EPSS
Exploits0References1
OSV
OSV
added 2024/07/23 3:15 p.m.5 views

AZL-47039 CVE-2024-1975 affecting package dhcp for versions less than 4.4.3.P1-2

If a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a "KEY" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG0 signed requests. This issue affects BIND 9 versions 9.0.0 through...

7.5CVSS7.2AI score0.02114EPSS
Exploits0References1
OSV
OSV
added 2024/07/23 12:0 a.m.9 views

UBUNTU-CVE-2024-1975

If a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a "KEY" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG0 signed requests. This issue affects BIND 9 versions 9.0.0 through...

7.5CVSS7.2AI score0.02114EPSS
Exploits0References5
OSV
OSV
added 2024/06/20 3:49 p.m.10 views

CLSA-2024-1718898538 systemd: Fix of CVE-2023-7008

CVE-2023-7008: prevent systemd-resolved from accepting DNS records of DNSSEC- signed domains without a signature to mitigate man-in-the-middle attacks...

5.9CVSS6.6AI score0.00849EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/06/13 2:57 p.m.7 views

bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator

Processing specially crafted responses coming from DNSSEC-signed zones can lead to uncontrolled CPU usage, leading to a Denial of Service in the DNSSEC-validating resolver side. This vulnerability applies only for systems where DNSSEC validation is enabled...

7.5CVSS6.7AI score0.99995EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/06/13 2:57 p.m.7 views

bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources

A flaw was found in bind9. By flooding a DNSSEC resolver with responses coming from a DNSEC-signed zone using NSEC3, an attacker can lead the targeted resolver to a CPU exhaustion, further leading to a Denial of Service on the targeted host. This vulnerability applies only for systems where DNSSE...

7.5CVSS6.7AI score0.81729EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2024/06/13 2:29 a.m.4 views

bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator

Processing specially crafted responses coming from DNSSEC-signed zones can lead to uncontrolled CPU usage, leading to a Denial of Service in the DNSSEC-validating resolver side. This vulnerability applies only for systems where DNSSEC validation is enabled...

7.5CVSS6.7AI score0.99995EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/06/13 2:29 a.m.7 views

bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources

A flaw was found in bind9. By flooding a DNSSEC resolver with responses coming from a DNSEC-signed zone using NSEC3, an attacker can lead the targeted resolver to a CPU exhaustion, further leading to a Denial of Service on the targeted host. This vulnerability applies only for systems where DNSSE...

7.5CVSS6.7AI score0.81729EPSS
Exploits1References7
BDU FSTEC
BDU FSTEC
added 2024/06/03 12:0 a.m.6 views

The vulnerability of the DNS resolver, knot resolver, arises due to insufficient validation of input data. This allows attackers to convert a domain protected by DNSSEC into a domain that is not protected by DNSSEC.

The vulnerability of the DNS resolver, Knot Resolver, exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to trigger a Denial-of-Service attack by using multiple TCP connections...

7.8CVSS7.1AI score0.00641EPSS
Exploits0References6Affected Software2
OSV
OSV
added 2024/05/31 7:8 a.m.8 views

CLSA-2024-1717139314 bind: Fix of 2 CVEs

Moved tuxcare patches from 32:9.11.4-26.P2.14 - CVE-2023-50387: Resolved CPU exhaustion from specially crafted DNSSEC-signed zone responses - CVE-2023-50868: Resolved CPU exhaustion from DNSSEC-signed zones using NSEC3...

7.5CVSS7AI score0.99995EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2024/05/22 11:48 a.m.5 views

bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator

Processing specially crafted responses coming from DNSSEC-signed zones can lead to uncontrolled CPU usage, leading to a Denial of Service in the DNSSEC-validating resolver side. This vulnerability applies only for systems where DNSSEC validation is enabled...

7.5CVSS6.7AI score0.99995EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2024/05/14 4:58 a.m.20 views

CVE-2024-0151

Arm is aware of a potential software security issue in code that uses Cortex-M Security Extensions CMSE and has been compiled with tools that implement Arm v8-M Security Extensions Requirements on Development Tools before version 1.4. This issue potentially allows an attacker who can pass...

7.9CVSS7.4AI score0.00448EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/05/13 1:34 a.m.6 views

bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator

Processing specially crafted responses coming from DNSSEC-signed zones can lead to uncontrolled CPU usage, leading to a Denial of Service in the DNSSEC-validating resolver side. This vulnerability applies only for systems where DNSSEC validation is enabled...

7.5CVSS6.7AI score0.99995EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/05/13 1:34 a.m.6 views

bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources

A flaw was found in bind9. By flooding a DNSSEC resolver with responses coming from a DNSEC-signed zone using NSEC3, an attacker can lead the targeted resolver to a CPU exhaustion, further leading to a Denial of Service on the targeted host. This vulnerability applies only for systems where DNSSE...

7.5CVSS6.7AI score0.81729EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2024/05/07 7:56 a.m.6 views

bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator

Processing specially crafted responses coming from DNSSEC-signed zones can lead to uncontrolled CPU usage, leading to a Denial of Service in the DNSSEC-validating resolver side. This vulnerability applies only for systems where DNSSEC validation is enabled...

7.5CVSS6.7AI score0.99995EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/05/06 1:15 a.m.7 views

bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources

A flaw was found in bind9. By flooding a DNSSEC resolver with responses coming from a DNSEC-signed zone using NSEC3, an attacker can lead the targeted resolver to a CPU exhaustion, further leading to a Denial of Service on the targeted host. This vulnerability applies only for systems where DNSSE...

7.5CVSS6.7AI score0.81729EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2024/04/30 3:10 p.m.4 views

bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator

Processing specially crafted responses coming from DNSSEC-signed zones can lead to uncontrolled CPU usage, leading to a Denial of Service in the DNSSEC-validating resolver side. This vulnerability applies only for systems where DNSSEC validation is enabled...

7.5CVSS6.7AI score0.99995EPSS
Exploits0References7
Rows per page
Query Builder