Important: Red Hat Security Advisory: bind9.16 security update

An update for bind9.16 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

bind: bind9: Assertion failure when serving both stale cache data and authoritative zone content

A flaw was found in the bind9 package, where a client query triggers stale data and also requires local lookups may trigger a assertion failure. This issue results in a denial of service of the bind server...

OESA-2024-1973 bind security update

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

OESA-2024-1969 bind security update

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

SUSE-SU-2024:2863-1 Security update for bind

This update for bind fixes the following issues: Update to 9.16.50: - Bug Fixes: A regression in cache-cleaning code enabled memory use to grow significantly more quickly than before, until the configured max-cache-size limit was reached. This has been fixed. Using rndc flush inadvertently caused...

SUSE-SU-2024:2862-1 Security update for bind

This update for bind fixes the following issues: Update to 9.16.50: - Bug Fixes: A regression in cache-cleaning code enabled memory use to grow significantly more quickly than before, until the configured max-cache-size limit was reached. This has been fixed. Using rndc flush inadvertently caused...

K000140602: BIND vulnerability CVE-2024-4076

Security Advisory Description Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion failure. This issue affects BIND 9 versions 9.16.13 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.33-S1...

Amazon Linux 2023 : bind, bind-chroot, bind-devel (ALAS2023-2024-680)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-680 advisory. Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded performance as content is being added or update...

Security Bulletin: IBM Storage Ceph is vulnerable to a Reachable Assertion in the RHEL UBI (CVE-2024-33601)

Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2024-33601. Vulnerability Details CVEID:CVE-2024-33601 DESCRIPTION: glibc is vulnerable to a denial of service, caused by a memor...

CVE-2024-23350 Reachable Assertion in Multi Mode Call Processor

Permanent DOS when DL NAS transport receives multiple payloads such that one payload contains SOR container whose integrity check has failed, and the other is LPP where UE needs to send status message to network...

CVE-2024-23350 Reachable Assertion in Multi Mode Call Processor

Permanent DOS when DL NAS transport receives multiple payloads such that one payload contains SOR container whose integrity check has failed, and the other is LPP where UE needs to send status message to network...

CVE-2024-23350

CVE-2024-23350 relates to a permanent Denial of Service in Qualcomm Snapdragon software, triggered when the DL NAS transport processes multiple payloads: one payload with a SOR container failing its integrity check and another LPP where the UE must send a status message. Root cause cited as an un...

Fedora 40 : bind / bind-dyndb-ldap (2024-8af1780fdf)

The remote Fedora 40 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2024-8af1780fdf advisory. Update to BIND 9.18.28 Security Fixes - A malicious DNS client that sent many queries over TCP but never read the responses could cause a server to...

CVE-2024-42117

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: ASSERT when failing to find index by plane/stream id WHY finddispcfgidxbyplaneid and finddispcfgidxbystreamid returns an array index and they return -1 when not found; however, -1 is not a valid index number. HOW...

SUSE CVE-2024-4076

Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion failure. This issue affects BIND 9 versions 9.16.13 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.33-S1 through 9.11.37-S1, 9.16.13-S1...

Assertion Failure

libbind9.so is vulnerable to an Assertion Failure. The vulnerability is due to improper handling of client queries that trigger serving stale data and require lookups in local authoritative zone data, allowing an attacker to disrupt the normal operation of the BIND 9 service, potentially causing ...

CVE-2024-4076

A flaw was found in the bind9 package, where a client query triggers stale data and also requires local lookups may trigger a assertion failure. This issue results in a denial of service of the bind server. Mitigation Mitigation for this issue is either not available or the currently available...

CVE-2024-4076

Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion failure. This issue affects BIND 9 versions 9.16.13 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.33-S1 through 9.11.37-S1, 9.16.13-S1...

AZL-46966 CVE-2024-4076 affecting package bind for versions less than 9.20.0-1

Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion failure. This issue affects BIND 9 versions 9.16.13 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.33-S1 through 9.11.37-S1, 9.16.13-S1...

DEBIAN-CVE-2024-4076

Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion failure. This issue affects BIND 9 versions 9.16.13 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.33-S1 through 9.11.37-S1, 9.16.13-S1...