Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled parsing large DNS messages. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. (CVE-2023-4408) Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Bind icorrectly handled validating DNSSEC messages. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. (CVE-2023-50387) It was discovered that Bind incorrectly handled preparing an NSEC3 closest encloser proof. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. (CVE-2023-50868) It was discovered that Bind incorrectly handled reverse zone queries when nxdomain-redirect is enabled. A remote attacker could possibly use this issue to cause Bind to crash, leading to a denial of service. (CVE-2023-5517) It was discovered that Bind incorrectly handled certain specific recursive query patterns. A remote attacker could possibly use this issue to cause Bind to consume memory, leading to a denial of service. (CVE-2023-6516) Bind has been updated to 9.6.48. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://downloads.isc.org/isc/bind9/9.16.48/doc/arm/html/notes.html
Continue reading...
Continue reading...
