CVE-2021-25219

Опубликовано: 27 окт. 2021

Источник: ubuntu

Приоритет: medium

CVSS2: 5

CVSS3: 5.3

Описание

In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response processing can cause degradation in BIND resolver performance. The way the lame cache is currently designed makes it possible for its internal data structures to grow almost infinitely, which may cause significant delays in client query processing.

Релиз	Статус	Примечание
bionic	released	1:9.11.3+dfsg-1ubuntu1.16
devel	released	1:9.16.15-1ubuntu2
esm-infra-legacy/trusty	released	1:9.9.5.dfsg-3ubuntu0.19+esm5
esm-infra/bionic	released	1:9.11.3+dfsg-1ubuntu1.16
esm-infra/focal	released	1:9.16.1-0ubuntu2.9
esm-infra/xenial	released	1:9.10.3.dfsg.P4-8ubuntu1.19+esm1
focal	released	1:9.16.1-0ubuntu2.9
hirsute	released	1:9.16.8-1ubuntu3.2
impish	released	1:9.16.15-1ubuntu1.1
jammy	released	1:9.16.15-1ubuntu2

Показывать по

Ссылки на источники

5 Medium

CVSS2

5.3 Medium

CVSS3

Связанные уязвимости

CVE-2021-25219

CVSS3: 5.3

redhat

больше 4 лет назад

CVE-2021-25219

CVSS3: 5.3

nvd

больше 4 лет назад

CVE-2021-25219

CVSS3: 5.3

msrc

около 4 лет назад

Lame cache can be abused to severely degrade resolver performance

CVE-2021-25219

CVSS3: 5.3

debian

больше 4 лет назад

In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> ...

openSUSE-SU-2022:0151-1

suse-cvrf

около 4 лет назад

Security update for bind

5 Medium

CVSS2

5.3 Medium

CVSS3

CVE-2021-25219

Описание

Пакет bind9

Ссылки на источники

Связанные уязвимости