1. Home
  2. Vulnerabilities
  3. CVE-2024-1975

CVE-2024-1975

CVSS v3.1 7.5 (High)
75% Progress
EPSS 0.05 % (20th)
0.05% Progress
Advisories 24
NVD Status Awaiting Analysis
Info CVSS EPSS CAPEC References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

If a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a "KEY" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG(0) signed requests.
This issue affects BIND 9 versions 9.0.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.49-S1, and 9.18.11-S1 through 9.18.27-S1.

Weaknesses
CWE-770
Allocation of Resources Without Limits or Throttling
CVE Status
PUBLISHED
NVD Status
Awaiting Analysis
CNA
Internet Systems Consortium (ISC)
Published Date
2024-07-23 15:15:03
(8 weeks ago)
Updated Date
2024-08-01 13:46:16
(6 weeks ago)