Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2023-2911

Опубликовано: 21 июн. 2023
Источник: redhat
CVSS3: 7.5

Описание

If the recursive-clients quota is reached on a BIND 9 resolver configured with both stale-answer-enable yes; and stale-answer-client-timeout 0;, a sequence of serve-stale-related lookups could cause named to loop and terminate unexpectedly due to a stack overflow. This issue affects BIND 9 versions 9.16.33 through 9.16.41, 9.18.7 through 9.18.15, 9.16.33-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1.

A vulnerability was found in BIND. This security flaw occurs when the recursive-clients quota is reached on a BIND 9 resolver configured with stale-answer-enable yes; and stale-answer-client-timeout 0;. A sequence of serve-stale-related lookups could cause named to loop and terminate unexpectedly due to a stack overflow.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6bindNot affected
Red Hat Enterprise Linux 7bindNot affected
Red Hat Enterprise Linux 8bindNot affected
Red Hat Enterprise Linux 8bind9.16Not affected
Red Hat Enterprise Linux 9bindNot affected
Red Hat Enterprise Linux 9dhcpNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-121
https://bugzilla.redhat.com/show_bug.cgi?id=2216228bind: Exceeding the recursive-clients quota may cause named to terminate unexpectedly when stale-answer-client-timeout is set to 0

7.5 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2023-2911

CVSS3: 7.5
ubuntu
около 2 лет назад

If the `recursive-clients` quota is reached on a BIND 9 resolver configured with both `stale-answer-enable yes;` and `stale-answer-client-timeout 0;`, a sequence of serve-stale-related lookups could cause `named` to loop and terminate unexpectedly due to a stack overflow. This issue affects BIND 9 versions 9.16.33 through 9.16.41, 9.18.7 through 9.18.15, 9.16.33-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1.

nvd логотип

CVE-2023-2911

CVSS3: 7.5
nvd
около 2 лет назад

If the `recursive-clients` quota is reached on a BIND 9 resolver configured with both `stale-answer-enable yes;` and `stale-answer-client-timeout 0;`, a sequence of serve-stale-related lookups could cause `named` to loop and terminate unexpectedly due to a stack overflow. This issue affects BIND 9 versions 9.16.33 through 9.16.41, 9.18.7 through 9.18.15, 9.16.33-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1.

debian логотип

CVE-2023-2911

CVSS3: 7.5
debian
около 2 лет назад

If the `recursive-clients` quota is reached on a BIND 9 resolver confi ...

github логотип

GHSA-rrr5-v5h9-fpwp

CVSS3: 7.5
github
около 2 лет назад

If the `recursive-clients` quota is reached on a BIND 9 resolver configured with both `stale-answer-enable yes;` and `stale-answer-client-timeout 0;`, a sequence of serve-stale-related lookups could cause `named` to loop and terminate unexpectedly due to a stack overflow. This issue affects BIND 9 versions 9.16.33 through 9.16.41, 9.18.7 through 9.18.15, 9.16.33-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1.

fstec логотип

BDU:2023-03436

CVSS3: 7.5
fstec
около 2 лет назад

Уязвимость сервера DNS BIND, связанная с переполнением буфера в стеке при работе BIND в качестве «резолвера», позволяющая нарушителю вызвать отказ в обслуживании

7.5 High

CVSS3