Lucene search
UbuntuUSN-6183-1HistoryJun 21, 2023 - 12:00 a.m.
Bind vulnerabilities
2023-06-2100:00:00
ubuntu.com
44
ubuntu
bind9
cache size limit
denial of service
cve-2023-2828
recursive-clients quota
crash
cve-2023-2911
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
8.2
Confidence
High
EPSS
0.002
Percentile
51.8%
Releases
- Ubuntu 23.04
- Ubuntu 22.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Packages
- bind9 - Internet Domain Name Server
Details
Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered
that Bind incorrectly handled the cache size limit. A remote attacker could
possibly use this issue to consume memory, leading to a denial of service.
(CVE-2023-2828)
It was discovered that Bind incorrectly handled the recursive-clients
quota. A remote attacker could possibly use this issue to cause Bind to
crash, resulting in a denial of service. This issue only affected Ubuntu
22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04. (CVE-2023-2911)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 23.04 | noarch | bind9 | < 1:9.18.12-1ubuntu1.1 | UNKNOWN |
| Ubuntu | 23.04 | noarch | bind9-dbgsym | < 1:9.18.12-1ubuntu1.1 | UNKNOWN |
| Ubuntu | 23.04 | noarch | bind9-dev | < 1:9.18.12-1ubuntu1.1 | UNKNOWN |
| Ubuntu | 23.04 | noarch | bind9-dnsutils | < 1:9.18.12-1ubuntu1.1 | UNKNOWN |
| Ubuntu | 23.04 | noarch | bind9-dnsutils-dbgsym | < 1:9.18.12-1ubuntu1.1 | UNKNOWN |
| Ubuntu | 23.04 | noarch | bind9-doc | < 1:9.18.12-1ubuntu1.1 | UNKNOWN |
| Ubuntu | 23.04 | noarch | bind9-host | < 1:9.18.12-1ubuntu1.1 | UNKNOWN |
| Ubuntu | 23.04 | noarch | bind9-host-dbgsym | < 1:9.18.12-1ubuntu1.1 | UNKNOWN |
| Ubuntu | 23.04 | noarch | bind9-libs | < 1:9.18.12-1ubuntu1.1 | UNKNOWN |
| Ubuntu | 23.04 | noarch | bind9-libs-dbgsym | < 1:9.18.12-1ubuntu1.1 | UNKNOWN |
Related
openvas
openvas
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2023-3051)
2023-10-31 00:00:00
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2023-3068)
2023-10-31 00:00:00
Ubuntu: Security Advisory (USN-6183-1)
2023-06-22 00:00:00
nessus
nessus
Fedora 37 : bind / bind-dyndb-ldap (2023-1d526d551c)
2023-06-30 00:00:00
EulerOS Virtualization 2.11.1 : bind (EulerOS-SA-2023-3051)
2024-01-16 00:00:00
EulerOS Virtualization 2.11.0 : bind (EulerOS-SA-2023-3068)
2024-01-16 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: bind-9.18.16-1.fc38
2023-06-25 00:52:51
[SECURITY] Fedora 37 Update: bind-dyndb-ldap-11.10-15.fc37
2023-06-30 01:35:42
[SECURITY] Fedora 38 Update: bind-dyndb-ldap-11.10-17.fc38
2023-06-25 00:52:52
osv
osv
bind9 vulnerability
2023-07-18 12:33:33
bind9 - security update
2023-06-25 00:00:00
bind9 vulnerabilities
2023-06-21 17:11:48
ubuntu
ubuntu
Bind vulnerability
2023-07-18 00:00:00
redos
redos
ROS-20230907-03
2023-09-07 00:00:00
debian
debian
[SECURITY] [DSA 5439-1] bind9 security update
2023-06-25 20:12:23
[SECURITY] [DLA 3498-1] bind9 security update
2023-07-19 09:38:19
cloudfoundry
cloudfoundry
USN-6183-1: Bind vulnerabilities | Cloud Foundry
2023-08-04 00:00:00
ibm
ibm
cvelist
cvelist
cbl_mariner
cbl_mariner
CVE-2023-2911 affecting package bind for versions less than 9.16.44-1
2023-10-11 01:41:59
CVE-2023-2828 affecting package bind 9.16.37-1
2023-08-15 16:37:27
CVE-2023-2828 affecting package dhcp for versions less than 4.4.2-5
2024-06-06 19:53:22
cve
cve
CVE-2023-2911
2023-06-21 17:15:47
CVE-2023-2828
2023-06-21 17:15:47
alpinelinux
alpinelinux
CVE-2023-2911
2023-06-21 17:15:47
redhatcve
redhatcve
CVE-2023-2911
2023-06-21 22:25:38
CVE-2023-2828
2023-06-21 22:47:00
debiancve
debiancve
CVE-2023-2911
2023-06-21 17:15:47
CVE-2023-2828
2023-06-21 17:15:47
ubuntucve
ubuntucve
CVE-2023-2911
2023-06-21 00:00:00
CVE-2023-2828
2023-06-21 00:00:00
f5
f5
K000135504 : BIND vulnerability CVE-2023-2911
2023-07-17 00:00:00
K000135312 : BIND vulnerability CVE-2023-2828
2023-06-30 00:00:00
slackware
slackware
[slackware-security] bind
2023-06-22 01:55:49
prion
prion
Stack overflow
2023-06-21 17:15:00
Design/Logic Flaw
2023-06-21 17:15:00
veracode
veracode
Denial Of Service (DoS)
2023-06-30 03:31:23
Denial Of Service (DoS)
2023-06-27 16:12:43
nvd
nvd
CVE-2023-2911
2023-06-21 17:15:47
CVE-2023-2828
2023-06-21 17:15:47
almalinux
almalinux
Important: bind security update
2023-07-17 00:00:00
Important: bind9.16 security update
2023-07-17 00:00:00
Important: bind security update
2023-07-17 00:00:00
oraclelinux
oraclelinux
bind security update
2023-07-19 00:00:00
bind security update
2023-07-20 00:00:00
bind9.16 security update
2023-07-20 00:00:00
rocky
rocky
bind9.16 security update
2023-08-08 12:34:07
bind security update
2023-08-08 12:33:57
bind security update
2023-08-08 12:34:57
amazon
amazon
Important: bind
2023-07-05 22:01:00
Important: bind
2023-07-19 22:14:00
redhat
redhat
(RHSA-2023:4037) Important: bind9.16 security update
2023-07-12 07:52:23
(RHSA-2023:4102) Important: bind security update
2023-07-17 08:08:17
(RHSA-2023:4099) Important: bind security update
2023-07-17 08:08:12
aix
aix
AIX is vulnerable to denial of service due to ISC BIND
2023-09-07 13:08:07
centos
centos
bind security update
2023-08-03 14:24:41
rosalinux
rosalinux
Advisory ROSA-SA-2023-2279
2023-10-24 13:59:56
Advisory ROSA-SA-2023-2245
2023-10-17 12:03:14
thn
thn
High-Severity Flaws Uncovered in Atlassian Products and ISC BIND Server
2023-09-22 08:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2023-5.0-0037
2023-06-23 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
8.2
Confidence
High
EPSS
0.002
Percentile
51.8%
Related for USN-6183-1