Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS : Bind vulnerabilities (USN-6909-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6909-1 advisory. It was discovered that Bind incorrectly handled a flood of DNS messages over TCP. A remote attacker could possibly use this issue...

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-2018)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP8 : bind (EulerOS-SA-2024-2018)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Certain DNSSEC aspects of the DNS protocol in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause a denial of service CPU...

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1980)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1998)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.10.0 : bind (EulerOS-SA-2024-1980)

According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Certain DNSSEC aspects of the DNS protocol in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause a denial o...

SUSE CVE-2024-40945

In the Linux kernel, the following vulnerability has been resolved: iommu: Return right value in iommusvabinddevice iommusvabinddevice should return either a sva bond handle or an ERRPTR value in error cases. Existing drivers idxd and uacce only check the return value with ISERR. This could...

DEBIAN-CVE-2024-40945

In the Linux kernel, the following vulnerability has been resolved: iommu: Return right value in iommusvabinddevice iommusvabinddevice should return either a sva bond handle or an ERRPTR value in error cases. Existing drivers idxd and uacce only check the return value with ISERR. This could...

CVE-2024-40945 iommu: Return right value in iommu_sva_bind_device()

In the Linux kernel, the following vulnerability has been resolved: iommu: Return right value in iommusvabinddevice iommusvabinddevice should return either a sva bond handle or an ERRPTR value in error cases. Existing drivers idxd and uacce only check the return value with ISERR. This could...

CLSA-2024-1720777628 Update of bind

Bump the epoch to fix package upgrade...

CVE-2024-28872 Incorrect TLS certificate validation can lead to escalated privileges

The TLS certificate validation code is flawed. An attacker can obtain a TLS certificate from the Stork server and use it to connect to the Stork agent. Once this connection is established with the valid certificate, the attacker can send malicious commands to a monitored service Kea or BIND 9,...

CVE-2024-28872 Incorrect TLS certificate validation can lead to escalated privileges

The TLS certificate validation code is flawed. An attacker can obtain a TLS certificate from the Stork server and use it to connect to the Stork agent. Once this connection is established with the valid certificate, the attacker can send malicious commands to a monitored service Kea or BIND 9,...

CVE-2024-28872

The CVE-2024-28872 issue affects ISC Stork versions 0.15.0 through 1.15.0 and stems from flawed TLS certificate validation. An attacker could obtain a TLS certificate from the Stork server and use it to connect to the Stork agent, then issue malicious commands to monitored services (Kea or BIND 9...

PT-2024-5336 · Isc +12 · Bind 9 +12

Name of the Vulnerable Software and Affected Versions: BIND 9 versions 9.11.0 through 9.11.37 BIND 9 versions 9.16.0 through 9.16.50 BIND 9 versions 9.18.0 through 9.18.27 BIND 9 versions 9.19.0 through 9.19.24 BIND 9 versions 9.11.4-S1 through 9.11.37-S1 BIND 9 versions 9.16.8-S1 through...

CBL Mariner 2.0 Security Update: bind (CVE-2023-6516)

The version of bind installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-6516 advisory. - To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up t...

CBL Mariner 2.0 Security Update: bind (CVE-2019-6470)

The version of bind installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2019-6470 advisory. - There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in...

CBL Mariner 2.0 Security Update: bind (CVE-2023-5517)

The version of bind installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-5517 advisory. - A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: -...

CBL Mariner 2.0 Security Update: bind (CVE-2023-5679)

The version of bind installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-5679 advisory. - A bad interaction between DNS64 and serve-stale May cause named to crash with an assertion failure during...

CBL Mariner 2.0 Security Update: bind (CVE-2023-4408)

The version of bind installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-4408 advisory. - The DNS message parsing code in named includes a section whose computational complexity is overly high. It does...

CVE-2024-23380

Memory corruption while handling user packets during VBO bind operation...