CVE-2023-50387

CVE-2023-50387 (KeyTrap) affects DNSSEC processing in DNS resolvers. Multiple advisories note excessive CPU/DoS risk when validating DNSKEY/RRSIG in zones with many records. Affected products include Bind (bind9) and Unbound across Linux distributions (e.g., AL2, AlmaLinux) with patches/released ...

CVE-2023-50387

Certain DNSSEC aspects of the DNS protocol in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause a denial of service CPU consumption via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG...

CVE-2023-50387

Certain DNSSEC aspects of the DNS protocol in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause a denial of service CPU consumption via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG...

ISC BIND 9.0.0 < 9.16.48 / 9.9.3-S1 < 9.16.48-S1 / 9.18.0 < 9.18.24 / 9.18.11-S1 < 9.18.24-S1 / 9.19.0 < 9.19.21 Vulnerability (cve-2023-50387)

The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2023-50387 advisory. - Certain DNSSEC aspects of the DNS protocol in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause...