named configured to answer from stale cache may terminate unexpectedly at recursive-clients soft quota

...

ROS-2-1277

2.1277 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

CVE-2017-3140

If named is configured to use Response Policy Zones RPZ an error processing some rule types can lead to a condition where BIND will endlessly loop while handling a query. Affects BIND 9.9.10, 9.10.5, 9.11.0-9.11.1, 9.9.10-S1, 9.10.5-S1...

bind: Too long query name causes segmentation fault in lwresd

It was found that the lightweight resolver protocol implementation in BIND could enter an infinite recursion and crash when asked to resolve a query name which, when combined with a search list entry, exceeds the maximum allowable length. A remote attacker could use this flaw to crash lwresd or...

Security fix for the ALT Linux 9 package bind version 9.10.4.P8-alt1

April 12, 2017 Dmitry V. Levin 9.10.4.P8-alt1 - 9.10.4-P6 - 9.10.4-P8 fixes: CVE-2017-3136, CVE-2017-3137, CVE-2017-3138. - bind.service: pass $CHROOT to named-checkconf closes: 33239. - bind.init: check named configuration on startup...

Important: Red Hat Bug Fix Advisory: bind bug fix update

Updated bind packages are available. BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. The bind package provides a DNS server named, which resolves host names to IP addresses, and tools for control and verification of the DNS server. The bind-libs...