CVE-2023-4236 named may terminate unexpectedly under high DNS-over-TLS query load

A flaw in the networking code handling DNS-over-TLS queries may cause named to terminate unexpectedly due to an assertion failure. This happens when internal data structures are incorrectly reused under significant DNS-over-TLS query load. This issue affects BIND 9 versions 9.18.0 through 9.18.18...

CVE-2023-4236

CVE-2023-4236 affects BIND 9 to include versions 9.18.0–9.18.18 and 9.18.11-S1–9.18.18-S1. The issue is a flaw in the DNS-over-TLS networking code that can cause an assertion failure, leading to an unexpected termination of named under heavy DNS-over-TLS query load. The practical consequence is a...

CVE-2023-4236

A flaw in the networking code handling DNS-over-TLS queries may cause named to terminate unexpectedly due to an assertion failure. This happens when internal data structures are incorrectly reused under significant DNS-over-TLS query load. This issue affects BIND 9 versions 9.18.0 through 9.18.18...

CVE-2023-4236

A flaw in the networking code handling DNS-over-TLS queries may cause named to terminate unexpectedly due to an assertion failure. This happens when internal data structures are incorrectly reused under significant DNS-over-TLS query load. This issue affects BIND 9 versions 9.18.0 through 9.18.18...

ISC BIND DoS Vulnerability (CVE-2023-4236) - Windows

ISC BIND is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; if...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2022-10108)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-10108 advisory. - proc: procskipspaces shouldn't think it is working on C strings Linus Torvalds Orabug: 34882781 CVE-2022-4378 - proc: avoid integer type confusi...

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6124-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6124-1 advisory. Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests,...

EulerOS Virtualization 2.10.1 : kernel (EulerOS-SA-2023-1902)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function...

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6071-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6071-1 advisory. It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some...

NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2023-0030)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities: - A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may all...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel (Azure) vulnerabilities (USN-5791-3)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5791-3 advisory. It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free...

Ubuntu 22.10 : Linux kernel (IBM) vulnerabilities (USN-5793-4)

The remote Ubuntu 22.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5793-4 advisory. It was discovered that the iouring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-5792-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5792-1 advisory. Mingwei Zhang discovered that the KVM implementation for AMD processors in the Linux kernel did not properly handle cache coherency with Secu...

Ubuntu 16.04 ESM / 18.04 LTS : Linux kernel vulnerabilities (USN-5790-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5790-1 advisory. It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this...

SUSE SLES12 Security Update : kernel (SUSE-SU-2022:4611-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4611-1 advisory. The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: -...

SUSE SLES15 Security Update : kernel (Live Patch 26 for SLE 15 SP2) (SUSE-SU-2022:4580-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4580-1 advisory. - A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function...

SUSE SLES15 Security Update : kernel (Live Patch 24 for SLE 15 SP2) (SUSE-SU-2022:4587-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4587-1 advisory. - A flaw was found in the Linux kernel's driver for the ASIX AX88179178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The...

SUSE SLES12 Security Update : kernel (Live Patch 25 for SLE 12 SP4) (SUSE-SU-2022:4595-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4595-1 advisory. - A flaw was found in the Linux kernel's driver for the ASIX AX88179178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The...

SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 23 for SLE 12 SP4) (SUSE-SU-2022:4550-1)

The remote SUSE Linux SLES12 / SLES15 / SLESSAP12 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4550-1 advisory. - A flaw was found in the Linux kernel's driver for the ASIX AX88179178A-based USB 2.0/3.0 Gigabit Ethernet...

SUSE SLES15 Security Update : kernel (Live Patch 0 for SLE 15 SP4) (SUSE-SU-2022:4569-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4569-1 advisory. - A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function...