Lucene search
K

4 matches found

RedHat Linux
RedHat Linux
added 2026/05/19 1:52 p.m.8 views

bind: Resource exhaustion via malformed DNSKEY handling

A vulnerability was found in BIND 9 resolvers, where processing malformed DNSKEY records from a specially crafted zone can lead to resource exhaustion, primarily causing excessive CPU utilization. This issue enables a remote, unauthenticated attacker to degrade resolver performance and potentiall...

7.5CVSS6.6AI score0.1096EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.4 views

Azure Linux 3.0 Security Update: bind (CVE-2024-12705)

The version of bind installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-12705 advisory. - Clients using DNS-over-HTTPS DoH can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted...

7.5CVSS5.6AI score0.16182EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/08/26 8:21 a.m.5 views

bind9: bind: SIG(0) can be used to exhaust CPU resources

A flaw was found in the bind9 package, where if a DNS server hosts a zone containing a "KEY" resource record or a DNS resolver utilizes the DNSSEC validate feature to validate a "KEY" resource record, a malicious client could exhaust the CPU resourced from the resolver by sending a stream of SIG0...

7.5CVSS5.7AI score0.02114EPSS
Exploits0References4
OSV
OSV
added 2024/07/23 3:15 p.m.7 views

AZL-46969 CVE-2024-1975 affecting package bind for versions less than 9.20.0-1

If a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a "KEY" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG0 signed requests. This issue affects BIND 9 versions 9.0.0 through...

7.5CVSS7.3AI score0.02114EPSS
Exploits0References1
Rows per page
Query Builder