libbind9.so is vulnerable to denial of service. The number of TCP clients that can be connected at any given time is not limited, allowing a TCP client to send a large number of DNS requests over a single connection. This results in excess resource consumption which can lead to a denial of service condition.
CPE | Name | Operator | Version |
---|---|---|---|
libbind9.so | eq | 160.0.8 |
lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html
lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html
kb.isc.org/docs/cve-2019-6477
lists.fedoraproject.org/archives/list/[email protected]/message/L3DEMNZMKR57VQJCG5ZN55ZGTQRL2TFQ/
lists.fedoraproject.org/archives/list/[email protected]/message/XGURMGQHX45KR4QDRCSUQHODUFOGNGAN/
support.f5.com/csp/article/K15840535?utm_source=f5support&utm_medium=RSS
www.debian.org/security/2020/dsa-4689
www.synology.com/security/advisory/Synology_SA_19_39