CVE-2019-6477

2019-11-2000:00:00

ubuntu.com

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.017 Low

EPSS

Percentile

87.9%

JSON

With pipelining enabled each incoming query on a TCP connection requires a
similar resource allocation to a query received via UDP or via TCP without
pipelining enabled. A client using a TCP-pipelined connection to a server
could consume more resources than the server has been provisioned to
handle. When a TCP connection with a large number of pipelined queries is
closed, the load on the server releasing these multiple resources can cause
it to become unresponsive, even for queries that can be answered
authoritatively or from cache. (This is most likely to be perceived as an
intermittent server problem).

Notes

Author	Note
mdeslaur	introduced in https://github.com/isc-projects/bind9/commit/761d135ed686601f36fe3d0d4aaa6bf41287bb0f

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchbind9< 1:9.11.3+dfsg-1ubuntu1.11UNKNOWN
ubuntu19.04noarchbind9< 1:9.11.5.P1+dfsg-1ubuntu2.6UNKNOWN
ubuntu19.10noarchbind9< 1:9.11.5.P4+dfsg-5.1ubuntu2.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	bind9	< 1:9.11.3+dfsg-1ubuntu1.11	UNKNOWN
ubuntu	19.04	noarch	bind9	< 1:9.11.5.P1+dfsg-1ubuntu2.6	UNKNOWN
ubuntu	19.10	noarch	bind9	< 1:9.11.5.P4+dfsg-5.1ubuntu2.1	UNKNOWN