Lucene search
UbuntuUSN-6791-1HistoryMay 28, 2024 - 12:00 a.m.
Unbound vulnerability
2024-05-2800:00:00
ubuntu.com
33
unbound
dnsbomb
vulnerability
ubuntu
denial of service
resource limits
dns resolver
caching
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
6.7
Confidence
Low
EPSS
0
Percentile
14.2%
Releases
- Ubuntu 24.04 LTS
- Ubuntu 23.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Packages
- unbound - validating, recursive, caching DNS resolver
Details
It was discovered that Unbound could take part in a denial of service
amplification attack known as DNSBomb. This update introduces certain
resource limits to make the impact from Unbound significantly lower.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 24.04 | noarch | libunbound8 | < 1.19.2-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | libunbound-dev | < 1.19.2-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | libunbound8-dbgsym | < 1.19.2-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | python3-unbound | < 1.19.2-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | python3-unbound-dbgsym | < 1.19.2-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | unbound | < 1.19.2-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | unbound-anchor | < 1.19.2-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | unbound-anchor-dbgsym | < 1.19.2-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | unbound-dbgsym | < 1.19.2-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | unbound-host | < 1.19.2-1ubuntu3.1 | UNKNOWN |
References
Related
thn
thn
Researchers Warn of CatDDoS Botnet and DNSBomb DDoS Attack Technique
2024-05-28 10:15:00
alpinelinux
alpinelinux
CVE-2024-33655
2024-06-06 17:15:51
osv
osv
CVE-2024-33655
2024-06-06 17:15:51
unbound - security update
2024-06-17 00:00:00
unbound vulnerability
2024-05-28 11:34:52
redos
redos
ROS-20240918-06
2024-09-18 00:00:00
nessus
nessus
Amazon Linux 2 : unbound (ALASUNBOUND-2024-001)
2024-05-31 00:00:00
Amazon Linux AMI : unbound (ALAS-2024-1934)
2024-05-13 00:00:00
Fedora 40 : unbound (2024-68626e0eb5)
2024-05-23 00:00:00
openvas
openvas
Fedora: Security Advisory (FEDORA-2024-68626e0eb5)
2024-05-27 00:00:00
Mageia: Security Advisory (MGASA-2024-0203)
2024-06-03 00:00:00
Ubuntu: Security Advisory (USN-6791-1)
2024-05-29 00:00:00
amazon
amazon
Important: unbound
2024-05-09 19:16:00
Important: unbound
2024-05-09 17:43:00
veracode
veracode
Denial Of Service(DoS)
2024-05-12 08:51:17
vulnrichment
vulnrichment
CVE-2024-33655
2024-06-06 00:00:00
debiancve
debiancve
CVE-2024-33655
2024-06-06 17:15:51
mageia
mageia
Updated unbound packages fix security vulnerability
2024-06-02 06:29:33
fedora
fedora
[SECURITY] Fedora 40 Update: unbound-1.20.0-1.fc40
2024-05-23 01:09:16
[SECURITY] Fedora 39 Update: unbound-1.20.0-1.fc39
2024-05-23 01:14:02
cloudfoundry
cloudfoundry
USN-6791-1: Unbound vulnerability | Cloud Foundry
2024-07-25 00:00:00
cve
cve
CVE-2024-33655
2024-06-06 17:15:51
ubuntucve
ubuntucve
CVE-2024-33655
2024-05-10 00:00:00
cvelist
cvelist
CVE-2024-33655
2024-06-06 00:00:00
redhatcve
redhatcve
CVE-2024-33655
2024-05-10 04:24:54
nvd
nvd
CVE-2024-33655
2024-06-06 17:15:51
photon
photon
Important Photon OS Security Update - PHSA-2024-3.0-0789
2024-08-28 00:00:00
Important Photon OS Security Update - PHSA-2024-5.0-0357
2024-08-27 00:00:00
Important Photon OS Security Update - PHSA-2024-4.0-0677
2024-08-28 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
6.7
Confidence
Low
EPSS
0
Percentile
14.2%
Related for USN-6791-1