Premature Exit and Assertion Failure in BIND 9 Due to Query-Handling Code Flaw
CVE-2023-5517
7.5HIGH
What is CVE-2023-5517?
A vulnerability exists in the query-handling code of BIND 9 DNS servers, leading to a potential premature exit due to an assertion failure. This occurs when the server is configured with nxdomain-redirect <domain>;
, in conjunction with receiving a PTR query for an RFC 1918 address, typically resulting in an authoritative NXDOMAIN response. The flaw affects several versions of BIND 9, indicating a risk that could impact DNS resolution across various network environments, necessitating timely updates and mitigations by system administrators.
Affected Version(s)
BIND 9 9.12.0 <= 9.16.45
BIND 9 9.18.0 <= 9.18.21
BIND 9 9.19.0 <= 9.19.19