CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
19.5%
libbind9.so is vulnerable to DNS message flood attack. The vulnerability is due to inadequate handling of multiple DNS messages over TCP, causing the server to become unstable during the attack. Attackers can exploit this by sending numerous DNS messages over TCP, potentially leading to server instability and denial of service.