CVE-2023-3341

Updated: 2025-12-14 02:33:11.21467

Description:

The code that processes control channel messages sent to `named` calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory, causing `named` to terminate unexpectedly. Since each incoming control channel message is fully parsed before its contents are authenticated, exploiting this flaw does not require the attacker to hold a valid RNDC key; only network access to the control channel's configured TCP port is necessary. This issue affects BIND 9 versions 9.2.0 through 9.16.43, 9.18.0 through 9.18.18, 9.19.0 through 9.19.16, 9.9.3-S1 through 9.16.43-S1, and 9.18.0-S1 through 9.18.18-S1.
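The failure mode described above, unbounded recursion whose depth tracks the size of an attacker-supplied packet, is easy to reproduce on a toy format. The C below is an added example written for this page; it is not BIND's isccc control-channel parser, and its message layout, the `MAX_TABLE_DEPTH` value of 8 and the function names are all assumptions made for illustration. A value of type "table" may itself contain tables, so a natural recursive-descent parser uses one stack frame per nesting level. Passing `max_depth <= 0` reproduces the unbounded behaviour; a positive bound is the hardened form. The bound has to live inside the parser: since, as the description says, a message is fully parsed before it is authenticated, a check placed after the key verification would never run for a malicious packet.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/*
 * Toy nested-table message format, constructed for this example. It is NOT
 * the isccc wire format that named's control channel uses; it only mirrors
 * the property the advisory describes: a value can itself be a table, so a
 * "parse table -> parse value -> parse table ..." parser recurses once per
 * nesting level, and nothing but the packet length limits that.
 *
 *   entry := name_len(1) name(name_len) type(1) value_len(4, big-endian) value
 *   type 0 = opaque bytes, type 1 = nested table (a sequence of entries)
 */
enum { T_BYTES = 0, T_TABLE = 1 };
enum { PARSE_OK = 0, PARSE_TRUNCATED = -1, PARSE_TOO_DEEP = -2 };

#define MAX_TABLE_DEPTH 8 /* hypothetical bound chosen for this example */

static uint32_t rd32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/*
 * Parse one table. `depth` is the current nesting level (0 at the top).
 * max_depth <= 0 reproduces the unbounded behaviour: recursion is limited
 * only by how many 7-byte table headers fit in the packet, so stack use
 * grows linearly with attacker-controlled input.
 * max_depth > 0 is the hardened form: refuse before recursing further.
 */
static int parse_table(const uint8_t *buf, size_t len, int depth,
                       int max_depth, int *deepest) {
    if (max_depth > 0 && depth > max_depth)
        return PARSE_TOO_DEEP;
    if (depth > *deepest)
        *deepest = depth;

    size_t off = 0;
    while (off < len) {
        uint8_t nlen = buf[off++];
        /* name bytes + type byte + 4-byte length must fit in what is left */
        if (len - off < (size_t)nlen + 5)
            return PARSE_TRUNCATED;
        off += nlen;                       /* the name itself is not needed here */
        uint8_t type = buf[off++];
        uint32_t vlen = rd32(buf + off);
        off += 4;
        if (len - off < vlen)
            return PARSE_TRUNCATED;
        if (type == T_TABLE) {             /* recursion point */
            int rc = parse_table(buf + off, vlen, depth + 1, max_depth, deepest);
            if (rc != PARSE_OK)
                return rc;
        }
        off += vlen;
    }
    return PARSE_OK;
}

/* Entry point: returns a PARSE_* code; *deepest receives the deepest level seen. */
int parse_message(const uint8_t *buf, size_t len, int max_depth, int *deepest) {
    *deepest = 0;
    return parse_table(buf, len, 0, max_depth, deepest);
}

/*
 * Build a message nested `depth` tables deep: each level is one entry "t" of
 * type table wrapping the next level; the innermost holds "d" = "x".
 * Returns bytes written (7*depth + 8), or 0 if `cap` is too small.
 */
size_t build_nested(uint8_t *out, size_t cap, int depth) {
    if (depth < 0)
        return 0;
    size_t need = 7 * (size_t)depth + 8;
    if (need > cap)
        return 0;
    uint8_t *p = out;
    for (int i = 0; i < depth; i++) {
        uint32_t inner = 7 * (uint32_t)(depth - 1 - i) + 8;
        *p++ = 1; *p++ = 't'; *p++ = T_TABLE;
        *p++ = (uint8_t)(inner >> 24); *p++ = (uint8_t)(inner >> 16);
        *p++ = (uint8_t)(inner >> 8);  *p++ = (uint8_t)inner;
    }
    *p++ = 1; *p++ = 'd'; *p++ = T_BYTES;
    *p++ = 0; *p++ = 0; *p++ = 0; *p++ = 1;
    *p++ = 'x';
    return need;
}

int main(void) {
    uint8_t msg[4096];
    int deepest;
    size_t n = build_nested(msg, sizeof msg, 500);   /* 3508 bytes, 500 levels */

    int rc = parse_message(msg, n, 0, &deepest);     /* unbounded, as in the flaw */
    printf("unbounded: rc=%d deepest=%d (one stack frame per level)\n", rc, deepest);

    rc = parse_message(msg, n, MAX_TABLE_DEPTH, &deepest);
    printf("bounded:   rc=%d (rejected at level %d)\n", rc, MAX_TABLE_DEPTH + 1);
    return 0;
}
```

With the bound removed, every additional 7 bytes of input buys the attacker one more stack frame, so the frame count is set by the maximum packet the listener accepts rather than by the parser; whether that exhausts the stack depends on the frame size and the thread's stack limit, which is why the advisory says the crash is environment-dependent.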


Links: NIST, CIRCL, RHEL, Ubuntu

Severity

CVSS version   Severity   Score
CVSS 2.x       NONE       0.0 (no v2 score assigned)
CVSS 3.x       HIGH       7.5

Status

OS name             Project name  Version  Score  Severity  Status         Errata                Last updated         Statement
AlmaLinux 9.2 ESU   bind          9.16.23  7.5    HIGH      Already Fixed  -                     2023-11-08 08:36:05  -
CentOS 6 ELS        bind          9.8.2    7.5    HIGH      Released       CLSA-2023:1697136232  2023-10-30 09:35:21  -
CentOS 7 ELS        bind          9.11.4   7.5    HIGH      Released       CLSA-2023:1697135138  2023-10-12 17:07:56  -
CentOS 8.4 ELS      bind          9.11.26  7.5    HIGH      Released       CLSA-2023:1697134824  2023-10-12 17:07:53  -
CentOS 8.5 ELS      bind          9.11.26  7.5    HIGH      Released       CLSA-2023:1697134618  2023-10-12 17:07:54  -
CloudLinux 6 ELS    bind          9.8.2    7.5    HIGH      Released       CLSA-2023:1697135837  2023-10-30 09:35:24  -
Debian 10 ELS       bind9         9.11.5   7.5    HIGH      Already Fixed  -                     2025-10-21 18:58:38  -
Oracle Linux 6 ELS  bind          9.8.2    7.5    HIGH      Released       CLSA-2023:1697135570  2023-10-12 17:07:57  -
Oracle Linux 7 ELS  bind          9.11.4   7.5    HIGH      Already Fixed  -                     2026-01-20 01:23:24  -
Ubuntu 16.04 ELS    bind9         9.10.3   7.5    HIGH      Released       CLSA-2023:1697134400  2023-10-12 17:07:59  -

A dash marks a cell that is empty on this page.

Total: 11