7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.223 Low
EPSS
Percentile
96.5%
Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (named daemon crash) via unspecified vectors that cause named to “dereference a freed fetch context.”
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | bind9 | < 1:9.3.4-2 | bind9_1:9.3.4-2_all.deb |
Debian | 11 | all | bind9 | < 1:9.3.4-2 | bind9_1:9.3.4-2_all.deb |
Debian | 999 | all | bind9 | < 1:9.3.4-2 | bind9_1:9.3.4-2_all.deb |
Debian | 13 | all | bind9 | < 1:9.3.4-2 | bind9_1:9.3.4-2_all.deb |