[ALAS2-2024-2616] Amazon Linux 2 2017.12 - ALAS2-2024-2616: important priority package update for bind
Severity
Important
Affected Packages
49
CVEs
2
Package updates are available for Amazon Linux 2 that fix the following vulnerabilities:
CVE-2024-1975:
If a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a "KEY" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG(0) signed requests.
This issue affects BIND 9 versions 9.0.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.49-S1, and 9.18.11-S1 through 9.18.27-S1.
CVE-2024-1737:
Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname (of any RTYPE) can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name.
This issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.4-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1.
- ID
- ALAS2-2024-2616
- Severity
- important
- URL
- https://alas.aws.amazon.com/AL2/ALAS-2024-2616.html
- Published
-
2024-08-01T03:01:00
(6 weeks ago) - Modified
-
2024-08-01T03:01:00
(6 weeks ago) - Rights
- Amazon Linux Security Team
- Other Advisories
-
-
ALPINE:CVE-2024-1737
-
ALPINE:CVE-2024-1975
-
ALSA-2024:5231
-
ALSA-2024:5390
-
ALSA-2024:5524
-
DSA-5734-1
-
ELSA-2024-5231
-
ELSA-2024-5390
-
ELSA-2024-5524
-
FEDORA-2024-8af1780fdf
-
FEDORA-2024-ef8a7031e7
-
RHSA-2024:5231
-
RHSA-2024:5390
-
RHSA-2024:5524
-
SSA:2024-205-01
-
SUSE-SU-2024:2636-1
-
SUSE-SU-2024:2810-1
-
SUSE-SU-2024:2811-1
-
SUSE-SU-2024:2862-1
-
SUSE-SU-2024:2863-1
-
SUSE-SU-2024:2868-1
-
USN-6909-1
-
USN-6909-2
-
USN-6909-3
-
| Source | # ID | Name | URL |
|---|---|---|---|
| CVE | CVE-2024-1737 |
|
|
| CVE | CVE-2024-1975 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/amazonlinux/bind?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
 bind
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/bind?arch=i686&distro=amazonlinux-2 | amazonlinux |
bind
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | i686 | |
| Affected | pkg:rpm/amazonlinux/bind?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
bind
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/bind-utils?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
bind-utils
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/bind-utils?arch=i686&distro=amazonlinux-2 | amazonlinux |
bind-utils
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | i686 | |
| Affected | pkg:rpm/amazonlinux/bind-utils?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
bind-utils
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/bind-sdb?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
bind-sdb
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/bind-sdb?arch=i686&distro=amazonlinux-2 | amazonlinux |
bind-sdb
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | i686 | |
| Affected | pkg:rpm/amazonlinux/bind-sdb?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
bind-sdb
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/bind-sdb-chroot?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
bind-sdb-chroot
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/bind-sdb-chroot?arch=i686&distro=amazonlinux-2 | amazonlinux |
bind-sdb-chroot
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | i686 | |
| Affected | pkg:rpm/amazonlinux/bind-sdb-chroot?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
bind-sdb-chroot
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/bind-pkcs11?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
bind-pkcs11
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/bind-pkcs11?arch=i686&distro=amazonlinux-2 | amazonlinux |
bind-pkcs11
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | i686 | |
| Affected | pkg:rpm/amazonlinux/bind-pkcs11?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
bind-pkcs11
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/bind-pkcs11-utils?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
bind-pkcs11-utils
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/bind-pkcs11-utils?arch=i686&distro=amazonlinux-2 | amazonlinux |
bind-pkcs11-utils
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | i686 | |
| Affected | pkg:rpm/amazonlinux/bind-pkcs11-utils?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
bind-pkcs11-utils
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/bind-pkcs11-libs?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
bind-pkcs11-libs
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/bind-pkcs11-libs?arch=i686&distro=amazonlinux-2 | amazonlinux |
bind-pkcs11-libs
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | i686 | |
| Affected | pkg:rpm/amazonlinux/bind-pkcs11-libs?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
bind-pkcs11-libs
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/bind-pkcs11-devel?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
bind-pkcs11-devel
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/bind-pkcs11-devel?arch=i686&distro=amazonlinux-2 | amazonlinux |
bind-pkcs11-devel
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | i686 | |
| Affected | pkg:rpm/amazonlinux/bind-pkcs11-devel?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
bind-pkcs11-devel
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/bind-lite-devel?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
bind-lite-devel
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/bind-lite-devel?arch=i686&distro=amazonlinux-2 | amazonlinux |
bind-lite-devel
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | i686 | |
| Affected | pkg:rpm/amazonlinux/bind-lite-devel?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
bind-lite-devel
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/bind-license?arch=noarch&distro=amazonlinux-2 | amazonlinux |
bind-license
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | noarch | |
| Affected | pkg:rpm/amazonlinux/bind-libs?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
bind-libs
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/bind-libs?arch=i686&distro=amazonlinux-2 | amazonlinux |
bind-libs
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | i686 | |
| Affected | pkg:rpm/amazonlinux/bind-libs?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
bind-libs
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/bind-libs-lite?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
bind-libs-lite
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/bind-libs-lite?arch=i686&distro=amazonlinux-2 | amazonlinux |
bind-libs-lite
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | i686 | |
| Affected | pkg:rpm/amazonlinux/bind-libs-lite?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
bind-libs-lite
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/bind-export-libs?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
bind-export-libs
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/bind-export-libs?arch=i686&distro=amazonlinux-2 | amazonlinux |
bind-export-libs
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | i686 | |
| Affected | pkg:rpm/amazonlinux/bind-export-libs?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
bind-export-libs
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/bind-export-devel?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
bind-export-devel
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/bind-export-devel?arch=i686&distro=amazonlinux-2 | amazonlinux |
bind-export-devel
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | i686 | |
| Affected | pkg:rpm/amazonlinux/bind-export-devel?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
bind-export-devel
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/bind-devel?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
bind-devel
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/bind-devel?arch=i686&distro=amazonlinux-2 | amazonlinux |
bind-devel
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | i686 | |
| Affected | pkg:rpm/amazonlinux/bind-devel?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
bind-devel
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/bind-debuginfo?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
bind-debuginfo
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/bind-debuginfo?arch=i686&distro=amazonlinux-2 | amazonlinux |
bind-debuginfo
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | i686 | |
| Affected | pkg:rpm/amazonlinux/bind-debuginfo?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
bind-debuginfo
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | aarch64 | |
| Affected | pkg:rpm/amazonlinux/bind-chroot?arch=x86_64&distro=amazonlinux-2 | amazonlinux |
bind-chroot
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | x86_64 | |
| Affected | pkg:rpm/amazonlinux/bind-chroot?arch=i686&distro=amazonlinux-2 | amazonlinux |
bind-chroot
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | i686 | |
| Affected | pkg:rpm/amazonlinux/bind-chroot?arch=aarch64&distro=amazonlinux-2 | amazonlinux |
bind-chroot
|
< 9.11.4-26.P2.amzn2.13.7 | amazonlinux-2 | aarch64 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |