Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2021-25219

Опубликовано: 27 окт. 2021
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5
CVSS3: 5.3

Описание

In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response processing can cause degradation in BIND resolver performance. The way the lame cache is currently designed makes it possible for its internal data structures to grow almost infinitely, which may cause significant delays in client query processing.

РелизСтатусПримечание
bionic

released

1:9.11.3+dfsg-1ubuntu1.16
devel

released

1:9.16.15-1ubuntu2
esm-infra-legacy/trusty

not-affected

1:9.9.5.dfsg-3ubuntu0.19+esm5
esm-infra/bionic

not-affected

1:9.11.3+dfsg-1ubuntu1.16
esm-infra/focal

not-affected

1:9.16.1-0ubuntu2.9
esm-infra/xenial

released

1:9.10.3.dfsg.P4-8ubuntu1.19+esm1
focal

released

1:9.16.1-0ubuntu2.9
hirsute

released

1:9.16.8-1ubuntu3.2
impish

released

1:9.16.15-1ubuntu1.1
jammy

released

1:9.16.15-1ubuntu2

Показывать по

Ссылки на источники

EPSS

Процентиль: 66%
0.00518
Низкий

5 Medium

CVSS2

5.3 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2021-25219

CVSS3: 5.3
redhat
почти 4 года назад

In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response processing can cause degradation in BIND resolver performance. The way the lame cache is currently designed makes it possible for its internal data structures to grow almost infinitely, which may cause significant delays in client query processing.

nvd логотип

CVE-2021-25219

CVSS3: 5.3
nvd
почти 4 года назад

In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response processing can cause degradation in BIND resolver performance. The way the lame cache is currently designed makes it possible for its internal data structures to grow almost infinitely, which may cause significant delays in client query processing.

msrc логотип

CVE-2021-25219

CVSS3: 5.3
msrc
больше 3 лет назад

Описание отсутствует

debian логотип

CVE-2021-25219

CVSS3: 5.3
debian
почти 4 года назад

In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> ...

suse-cvrf логотип

openSUSE-SU-2022:0151-1

suse-cvrf
больше 3 лет назад

Security update for bind

EPSS

Процентиль: 66%
0.00518
Низкий

5 Medium

CVSS2

5.3 Medium

CVSS3