Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2025:1676

Опубликовано: 26 фев. 2025
Источник: rocky
Оценка: Important

Описание

Important: bind9.16 security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.

Security Fix(es):

  • bind: bind9: Many records in the additional section cause CPU exhaustion (CVE-2024-11187)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
bind9.16x86_640.22.el8_10.2bind9.16-9.16.23-0.22.el8_10.2.x86_64.rpm
bind9.16-chrootx86_640.22.el8_10.2bind9.16-chroot-9.16.23-0.22.el8_10.2.x86_64.rpm
bind9.16-dnssec-utilsx86_640.22.el8_10.2bind9.16-dnssec-utils-9.16.23-0.22.el8_10.2.x86_64.rpm
bind9.16-libsx86_640.22.el8_10.2bind9.16-libs-9.16.23-0.22.el8_10.2.x86_64.rpm
bind9.16-licensenoarch0.22.el8_10.2bind9.16-license-9.16.23-0.22.el8_10.2.noarch.rpm
bind9.16-utilsx86_640.22.el8_10.2bind9.16-utils-9.16.23-0.22.el8_10.2.x86_64.rpm
python3-bind9.16noarch0.22.el8_10.2python3-bind9.16-9.16.23-0.22.el8_10.2.noarch.rpm

Показывать по

Связанные CVE

CVE-2024-11187

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2024-11187

CVSS3: 7.5
ubuntu
5 месяцев назад

It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An attacker sending many such queries can cause either the authoritative server itself or an independent resolver to use disproportionate resources processing the queries. Zones will usually need to have been deliberately crafted to attack this exposure. This issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.32-S1.

redhat логотип

CVE-2024-11187

CVSS3: 7.5
redhat
5 месяцев назад

It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An attacker sending many such queries can cause either the authoritative server itself or an independent resolver to use disproportionate resources processing the queries. Zones will usually need to have been deliberately crafted to attack this exposure. This issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.32-S1.

nvd логотип

CVE-2024-11187

CVSS3: 7.5
nvd
5 месяцев назад

It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An attacker sending many such queries can cause either the authoritative server itself or an independent resolver to use disproportionate resources processing the queries. Zones will usually need to have been deliberately crafted to attack this exposure. This issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.32-S1.

msrc логотип

CVE-2024-11187

CVSS3: 7.5
msrc
4 месяца назад

Описание отсутствует

debian логотип

CVE-2024-11187

CVSS3: 7.5
debian
5 месяцев назад

It is possible to construct a zone such that some queries to it will g ...