CVE-2023-5517

CVE-2023-5517 is a BIND vulnerability where a flaw in query-handling can cause named to exit with an assertion failure when nxdomain-redirect is configured and a PTR query for an RFC 1918 address would yield NXDOMAIN. Affected: BIND 9.x (various 9.12.0–9.19.19 and related 9.16/9.18 ranges; versio...

CVE-2023-5517

A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect ; is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response. This issue affects BIND 9 versio...

CVE-2023-4408 Parsing large DNS messages may cause excessive CPU load

The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting this flaw. This issue affects bot...

CVE-2023-4408

The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting this flaw. This issue affects bot...

CVE-2023-4408

The CVE-2023-4408 issue is a vulnerability in the DNS message parsing of BIND's named where the parsing path has an overly high computational complexity. A crafted large or malformed DNS message can cause high CPU usage on affected BIND 9 releases, potentially impacting both authoritative servers...

CVE-2023-4408 Parsing large DNS messages may cause excessive CPU load

The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting this flaw. This issue affects bot...

CVE-2023-4408

The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting this flaw. This issue affects bot...

ISC Releases Security Advisories for BIND 9

The Internet Systems Consortium ISC released security advisories to address vulnerabilities affecting multiple versions of ISC’s Berkeley Internet Name Domain BIND 9. A cyber threat actor could exploit one of these vulnerabilities to cause a denial-of-service condition. CISA encourages users and...

PT-2024-14985 · Isc +9 · Bind 9 +9

Name of the Vulnerable Software and Affected Versions: BIND 9 versions 9.16.0 through 9.16.45 BIND 9 versions 9.16.8-S1 through 9.16.45-S1 Description: The issue affects the named process running as a recursive resolver, which attempts to clean up its cache database using several methods, includi...

PT-2024-3867 · Isc · Bind

Name of the Vulnerable Software and Affected Versions: BIND versions 9.11.3-S1 through 9.11.37-S1 BIND versions 9.16.8-S1 through 9.16.45-S1 BIND versions 9.18.11-S1 through 9.18.21-S1 Description: The issue is related to the EDNS Client Subnet ECS component of the BIND DNS server, which can lead...

ISC BIND 9.9.3-S1 < 9.16.48-S1 / 9.0.0 < 9.16.48 / 9.16.8-S1 < 9.16.48-S1 / 9.18.0 < 9.18.24 / 9.18.11-S1 < 9.18.24-S1 / 9.19.0 < 9.19.21 Vulnerability (cve-2023-4408)

The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2023-4408 advisory. - The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause...

ISC BIND 9.16.0 < 9.16.48 / 9.16.8-S1 < 9.16.48-S1 Vulnerability (cve-2023-6516)

The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2023-6516 advisory. - To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database...

ISC BIND Security Vulnerability

ISC BIND is a suite of open source software that implements the DNS protocol from the US company ISC. A security vulnerability exists in ISC BIND that stems from a problem in the query processing code that could lead to an assertion failure...

CVE-2023-5679

A bad interaction between DNS64 and serve-stale may cause named to crash with an assertion failure during recursive resolution, when both of these features are enabled. This issue affects BIND 9 versions 9.16.12 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.16.12-S1 through...

CVE-2023-5517

A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect ; is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response. This issue affects BIND 9 versio...

CVE-2023-4408

The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting this flaw. This issue affects bot...

PT-2024-1751

Vulnerability Report Name of the Vulnerable Software and Affected Versions BIND versions 9.16.48-1 through 9.18.24-1 Unbound versions 1.19.1-alt1 PDNS Recursor versions 4.8.6-1 Knot Resolver versions 5.6.0-1+deb12u1 systemd affected versions not specified dnsmasq affected versions not specified...

ISC BIND Security Vulnerability

ISC BIND is a suite of open source software that implements the DNS protocol from the US company ISC. A security vulnerability exists in ISC BIND that stems from a specific recursive query pattern that may result in out of memory...

CVE-2023-6516

To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that can be cleaned up is first allocated and then queue...

UBUNTU-CVE-2023-6516

To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that can be cleaned up is first allocated and then queue...