A flaw was found in the way bind failed to free memory when processing certain messages. An attacker could use this flaw to cause a denial of service via memory exhaustion, by send specially crafted messages with Extension mechanisms for DNS (EDNS) options.