[USN-6909-2] Bind vulnerabilities
Severity
High
Affected Packages
19
CVEs
2
Several security issues were fixed in Bind.
USN-6909-1 fixed several vulnerabilities in Bind. This update provides
the corresponding update for Ubuntu 18.04 LTS.
Original advisory details:
Toshifumi Sakaguchi discovered that Bind incorrectly handled having a very
large number of RRs existing at the same time. A remote attacker could
possibly use this issue to cause Bind to consume resources, leading to a
denial of service. (CVE-2024-1737)
It was discovered that Bind incorrectly handled a large number of SIG(0)
signed requests. A remote attacker could possibly use this issue to cause
Bind to consume resources, leading to a denial of service. (CVE-2024-1975)
- ID
- USN-6909-2
- Severity
- high
- Severity from
- CVE-2024-1737
- URL
- https://ubuntu.com/security/notices/USN-6909-2
- Published
-
2024-08-01T16:54:51
(6 weeks ago) - Modified
-
2024-08-01T16:54:51
(6 weeks ago) - Other Advisories
-
- ALAS2-2024-2616
- ALPINE:CVE-2024-1737
- ALPINE:CVE-2024-1975
- ALSA-2024:5231
- ALSA-2024:5390
- ALSA-2024:5524
- DSA-5734-1
- ELSA-2024-5231
- ELSA-2024-5390
- ELSA-2024-5524
- FEDORA-2024-8af1780fdf
- FEDORA-2024-ef8a7031e7
- RHSA-2024:5231
- RHSA-2024:5390
- RHSA-2024:5524
- SSA:2024-205-01
- SUSE-SU-2024:2636-1
- SUSE-SU-2024:2810-1
- SUSE-SU-2024:2811-1
- SUSE-SU-2024:2862-1
- SUSE-SU-2024:2863-1
- SUSE-SU-2024:2868-1
- USN-6909-1
- USN-6909-3
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/liblwres160?distro=bionic | ubuntu | liblwres160 | < 9.11.3+dfsg-1ubuntu1.19+esm4 | bionic | ||
Affected | pkg:deb/ubuntu/libisccfg160?distro=bionic | ubuntu | libisccfg160 | < 9.11.3+dfsg-1ubuntu1.19+esm4 | bionic | ||
Affected | pkg:deb/ubuntu/libisccfg-export160?distro=bionic | ubuntu | libisccfg-export160 | < 9.11.3+dfsg-1ubuntu1.19+esm4 | bionic | ||
Affected | pkg:deb/ubuntu/libisccc160?distro=bionic | ubuntu | libisccc160 | < 9.11.3+dfsg-1ubuntu1.19+esm4 | bionic | ||
Affected | pkg:deb/ubuntu/libisccc-export160?distro=bionic | ubuntu | libisccc-export160 | < 9.11.3+dfsg-1ubuntu1.19+esm4 | bionic | ||
Affected | pkg:deb/ubuntu/libisc169?distro=bionic | ubuntu | libisc169 | < 9.11.3+dfsg-1ubuntu1.19+esm4 | bionic | ||
Affected | pkg:deb/ubuntu/libisc-export169?distro=bionic | ubuntu | libisc-export169 | < 9.11.3+dfsg-1ubuntu1.19+esm4 | bionic | ||
Affected | pkg:deb/ubuntu/libirs160?distro=bionic | ubuntu | libirs160 | < 9.11.3+dfsg-1ubuntu1.19+esm4 | bionic | ||
Affected | pkg:deb/ubuntu/libirs-export160?distro=bionic | ubuntu | libirs-export160 | < 9.11.3+dfsg-1ubuntu1.19+esm4 | bionic | ||
Affected | pkg:deb/ubuntu/libdns1100?distro=bionic | ubuntu | libdns1100 | < 9.11.3+dfsg-1ubuntu1.19+esm4 | bionic | ||
Affected | pkg:deb/ubuntu/libdns-export1100?distro=bionic | ubuntu | libdns-export1100 | < 9.11.3+dfsg-1ubuntu1.19+esm4 | bionic | ||
Affected | pkg:deb/ubuntu/libbind9-160?distro=bionic | ubuntu | libbind9-160 | < 9.11.3+dfsg-1ubuntu1.19+esm4 | bionic | ||
Affected | pkg:deb/ubuntu/libbind-export-dev?distro=bionic | ubuntu | libbind-export-dev | < 9.11.3+dfsg-1ubuntu1.19+esm4 | bionic | ||
Affected | pkg:deb/ubuntu/libbind-dev?distro=bionic | ubuntu | libbind-dev | < 9.11.3+dfsg-1ubuntu1.19+esm4 | bionic | ||
Affected | pkg:deb/ubuntu/dnsutils?distro=bionic | ubuntu | dnsutils | < 9.11.3+dfsg-1ubuntu1.19+esm4 | bionic | ||
Affected | pkg:deb/ubuntu/bind9utils?distro=bionic | ubuntu | bind9utils | < 9.11.3+dfsg-1ubuntu1.19+esm4 | bionic | ||
Affected | pkg:deb/ubuntu/bind9?distro=bionic | ubuntu | bind9 | < 9.11.3+dfsg-1ubuntu1.19+esm4 | bionic | ||
Affected | pkg:deb/ubuntu/bind9-host?distro=bionic | ubuntu | bind9-host | < 9.11.3+dfsg-1ubuntu1.19+esm4 | bionic | ||
Affected | pkg:deb/ubuntu/bind9-doc?distro=bionic | ubuntu | bind9-doc | < 9.11.3+dfsg-1ubuntu1.19+esm4 | bionic |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |