Stale Data and Assertion Failures in BIND 9 Versions
CVE-2024-4076

7.5 HIGH

Key Information:

Vendor: ISC
Status: Vendor
CVE Published: 23 July 2024

Badges

👾 Exploit Exists 📰 News Worthy

Summary

This vulnerability in BIND 9 arises from the handling of client queries that trigger the serving of stale data. When such a query also requires a lookup in local authoritative zone data, it may lead to an assertion failure. This poses a significant concern for users relying on BIND 9 for DNS services. Versions of BIND 9 affected include a range from 9.11.x to 9.19.x, necessitating immediate attention to prevent potential disruptions in service.

Affected Version(s)

BIND 9 9.16.13 <= 9.16.50

BIND 9 9.18.0 <= 9.18.27

BIND 9 9.19.0 <= 9.19.24

News Articles

ISC Releases Security Advisories for BIND 9 - Defend Edge

The Internet Systems Consortium (ISC) released security advisories to address vulnerabilities affecting multiple versions of ISC’s Berkeley Internet Name Domain (BIND) 9. A cyber threat actor could exploit one of these vulnerabilities to cause a denial-of-service condition. CISA encourages users and...

References

CVSS V3.1

Score: 7.5
Severity: HIGH
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • 👾 Exploit known to exist

  • 📰 First article discovered by Defend Edge

  • Vulnerability published

  • Vulnerability Reserved

Credit

ISC would like to thank Daniel Stränger for bringing this vulnerability to our attention.