Updated: 2024-11-30 03:08:57.380162
Description:
In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record triggering the flaw described above, the named process will terminate due to a failed assertion check. The vulnerability affects all currently maintained BIND 9 branches (9.11, 9.11-S, 9.16, 9.16-S, 9.17) as well as all other versions of BIND 9.
Links | NIST | CIRCL | RHEL | Ubuntu |
Severity | Score | |
---|---|---|
CVSS Version 2.x | MEDIUM | 5 |
CVSS Version 3.x | HIGH | 7.5 |
OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
---|---|---|---|---|---|---|---|---|
CentOS 6 ELS | bind | 9.8.2 | 7.5 | HIGH | Released | CLSA-2021:1632261705 | 2022-05-05 12:00:47 | |
CentOS 7 ELS | bind | 9.11.4 | 7.5 | HIGH | Already Fixed | 2023-09-19 09:30:36 | ||
CentOS 8.4 ELS | bind | 9.11.26 | 7.5 | HIGH | Already Fixed | 2023-10-30 11:22:51 | ||
CentOS 8.5 ELS | bind | 9.11.26 | 7.5 | HIGH | Already Fixed | 2023-10-30 11:22:24 | ||
CloudLinux 6 ELS | bind | 9.8.2 | 7.5 | HIGH | Released | 2022-04-25 18:47:31 | ||
Oracle Linux 6 ELS | bind | 9.8.2 | 7.5 | HIGH | Released | CLSA-2021:1634922250 | 2022-04-25 18:47:31 | |
Ubuntu 16.04 ELS | bind9 | 9.10.3 | 7.5 | HIGH | Not Vulnerable | 2022-04-04 03:48:12 | ||
Ubuntu 18.04 ELS | bind9 | 9.11.3 | 7.5 | HIGH | Already Fixed | 2023-06-02 09:11:09 |