Lucene search
+L

6 matches found

AstraLinux
AstraLinux
added 2026/03/03 9:29 a.m.5 views

Astra Linux – Vulnerability in bind9

querying records within a specially crafted zone that contain certain malformed DNSKEY records can lead to CPU exhaustion. This issue affects BIND 9 versions 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1...

7.5CVSS6.4AI score0.1096EPSS
Exploits0References3
OSV
OSV
added 2025/11/14 12:38 p.m.8 views

OESA-2025-2654 bind security update

Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols and provides an openly redistributable reference implementation of the major components of the Domain Name System. This package includes the components to operate a DNS server. Security Fixes: Under...

8.6CVSS8.8AI score0.1096EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/10/22 3:43 p.m.7 views

CVE-2025-8677 Resource exhaustion via malformed DNSKEY handling

Querying for records within a specially crafted zone containing certain malformed DNSKEY records can lead to CPU exhaustion. This issue affects BIND 9 versions 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1...

7.5CVSS6.5AI score0.1096EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/22 12:0 a.m.5 views

ISC BIND 9 安全漏洞

ISC BIND 9 is a domain name system software from the ISC organization. A denial of service vulnerability exists in ISC BIND 9, which arises from improper resource consumption when processing malformed DNSKEY records in specially crafted zones, and can be exploited by an attacker to cause CPU...

7.5CVSS6.6AI score0.1096EPSS
Exploits0References1
OSV
OSV
added 2024/07/23 3:15 p.m.6 views

AZL-47039 CVE-2024-1975 affecting package dhcp for versions less than 4.4.3.P1-2

If a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a "KEY" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG0 signed requests. This issue affects BIND 9 versions 9.0.0 through...

7.5CVSS7.2AI score0.02114EPSS
Exploits0References1
OSV
OSV
added 2024/02/13 12:0 a.m.5 views

UBUNTU-CVE-2023-50387

Certain DNSSEC aspects of the DNS protocol in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause a denial of service CPU consumption via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG...

7.5CVSS6.8AI score0.99995EPSS
Exploits1References14
Rows per page
Query Builder