Описание
Security update for bind
This update for bind fixes the following issues:
- CVE-2024-11187: Fixes CPU exhaustion caused by many records in the additional section (bsc#1236596)
Список пакетов
Image SLES12-SP5-EC2-BYOS
bind-utils-9.11.22-3.60.2
libbind9-161-9.11.22-3.60.2
libdns1110-9.11.22-3.60.2
libirs161-9.11.22-3.60.2
libisc1107-9.11.22-3.60.2
libisccc161-9.11.22-3.60.2
libisccfg163-9.11.22-3.60.2
liblwres161-9.11.22-3.60.2
python-bind-9.11.22-3.60.2
Image SLES12-SP5-EC2-On-Demand
bind-utils-9.11.22-3.60.2
libbind9-161-9.11.22-3.60.2
libdns1110-9.11.22-3.60.2
libirs161-9.11.22-3.60.2
libisc1107-9.11.22-3.60.2
libisccc161-9.11.22-3.60.2
libisccfg163-9.11.22-3.60.2
liblwres161-9.11.22-3.60.2
python-bind-9.11.22-3.60.2
Image SLES12-SP5-EC2-SAP-BYOS
bind-utils-9.11.22-3.60.2
libbind9-161-9.11.22-3.60.2
libdns1110-9.11.22-3.60.2
libirs161-9.11.22-3.60.2
libisc1107-9.11.22-3.60.2
libisccc161-9.11.22-3.60.2
libisccfg163-9.11.22-3.60.2
liblwres161-9.11.22-3.60.2
python-bind-9.11.22-3.60.2
Image SLES12-SP5-EC2-SAP-On-Demand
bind-utils-9.11.22-3.60.2
libbind9-161-9.11.22-3.60.2
libdns1110-9.11.22-3.60.2
libirs161-9.11.22-3.60.2
libisc1107-9.11.22-3.60.2
libisccc161-9.11.22-3.60.2
libisccfg163-9.11.22-3.60.2
liblwres161-9.11.22-3.60.2
python-bind-9.11.22-3.60.2
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
bind-utils-9.11.22-3.60.2
libbind9-161-9.11.22-3.60.2
libdns1110-9.11.22-3.60.2
libirs161-9.11.22-3.60.2
libisc1107-9.11.22-3.60.2
libisccc161-9.11.22-3.60.2
libisccfg163-9.11.22-3.60.2
liblwres161-9.11.22-3.60.2
python-bind-9.11.22-3.60.2
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
bind-utils-9.11.22-3.60.2
libbind9-161-9.11.22-3.60.2
libdns1110-9.11.22-3.60.2
libirs161-9.11.22-3.60.2
libisc1107-9.11.22-3.60.2
libisccc161-9.11.22-3.60.2
libisccfg163-9.11.22-3.60.2
liblwres161-9.11.22-3.60.2
python-bind-9.11.22-3.60.2
SUSE Linux Enterprise Server 12 SP5-LTSS
bind-9.11.22-3.60.2
bind-chrootenv-9.11.22-3.60.2
bind-devel-9.11.22-3.60.2
bind-doc-9.11.22-3.60.2
bind-utils-9.11.22-3.60.2
libbind9-161-9.11.22-3.60.2
libdns1110-9.11.22-3.60.2
libirs161-9.11.22-3.60.2
libisc1107-9.11.22-3.60.2
libisc1107-32bit-9.11.22-3.60.2
libisccc161-9.11.22-3.60.2
libisccfg163-9.11.22-3.60.2
liblwres161-9.11.22-3.60.2
python-bind-9.11.22-3.60.2
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
bind-9.11.22-3.60.2
bind-chrootenv-9.11.22-3.60.2
bind-devel-9.11.22-3.60.2
bind-doc-9.11.22-3.60.2
bind-utils-9.11.22-3.60.2
libbind9-161-9.11.22-3.60.2
libdns1110-9.11.22-3.60.2
libirs161-9.11.22-3.60.2
libisc1107-9.11.22-3.60.2
libisc1107-32bit-9.11.22-3.60.2
libisccc161-9.11.22-3.60.2
libisccfg163-9.11.22-3.60.2
liblwres161-9.11.22-3.60.2
python-bind-9.11.22-3.60.2
Ссылки
- Link for SUSE-SU-2025:0389-1
- E-Mail link for SUSE-SU-2025:0389-1
- SUSE Security Ratings
- SUSE Bug 1236596
- SUSE CVE CVE-2024-11187 page
Описание
It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An attacker sending many such queries can cause either the authoritative server itself or an independent resolver to use disproportionate resources processing the queries. Zones will usually need to have been deliberately crafted to attack this exposure. This issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.32-S1.
Затронутые продукты
Image SLES12-SP5-EC2-BYOS:bind-utils-9.11.22-3.60.2
Image SLES12-SP5-EC2-BYOS:libbind9-161-9.11.22-3.60.2
Image SLES12-SP5-EC2-BYOS:libdns1110-9.11.22-3.60.2
Image SLES12-SP5-EC2-BYOS:libirs161-9.11.22-3.60.2
Ссылки
- CVE-2024-11187
- SUSE Bug 1236596