Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2024-0760
Vulnerability from cvelistv5
Published
2024-07-23 14:26
Modified
2025-02-13 17:27
Severity ?
EPSS score ?
Summary
A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack.
This issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0 through 9.19.24, and 9.18.11-S1 through 9.18.27-S1.
References
Impacted products
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "bind", vendor: "isc", versions: [ { lessThanOrEqual: "9.18.27", status: "affected", version: "9.18.1", versionType: "custom", }, { lessThanOrEqual: "9.19.24", status: "affected", version: "9.19.0", versionType: "custom", }, { lessThanOrEqual: "9.18.27-s1", status: "affected", version: "9.18.11-s1", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-0760", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-07-23T16:02:34.286057Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-770", description: "CWE-770 Allocation of Resources Without Limits or Throttling", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-13T20:36:51.162Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T18:18:18.515Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { url: "https://security.netapp.com/advisory/ntap-20240731-0004/", }, { name: "CVE-2024-0760", tags: [ "vendor-advisory", "x_transferred", ], url: "https://kb.isc.org/docs/cve-2024-0760", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/07/23/1", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "BIND 9", vendor: "ISC", versions: [ { lessThanOrEqual: "9.18.27", status: "affected", version: "9.18.1", versionType: "custom", }, { lessThanOrEqual: "9.19.24", status: "affected", version: "9.19.0", versionType: "custom", }, { lessThanOrEqual: "9.18.27-S1", status: "affected", version: "9.18.11-S1", versionType: "custom", }, ], }, ], datePublic: "2024-07-23T00:00:00.000Z", descriptions: [ { lang: "en", value: "A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. \nThis issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0 through 9.19.24, and 9.18.11-S1 through 9.18.27-S1.", }, ], exploits: [ { lang: "en", value: "This flaw was discovered in internal testing. We are not aware of any active exploits.", }, ], impacts: [ { descriptions: [ { lang: "en", value: "The server can become unresponsive until sometime after the attack ends.", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, ], providerMetadata: { dateUpdated: "2024-07-31T11:05:57.323Z", orgId: "404fd4d2-a609-4245-b543-2c944a302a22", shortName: "isc", }, references: [ { name: "CVE-2024-0760", tags: [ "vendor-advisory", ], url: "https://kb.isc.org/docs/cve-2024-0760", }, { url: "http://www.openwall.com/lists/oss-security/2024/07/23/1", }, { url: "http://www.openwall.com/lists/oss-security/2024/07/31/2", }, ], solutions: [ { lang: "en", value: "Upgrade to the patched release most closely related to your current version of BIND 9: 9.18.28, 9.20.0, or 9.18.28-S1.", }, ], source: { discovery: "INTERNAL", }, title: "A flood of DNS messages over TCP may make the server unstable", workarounds: [ { lang: "en", value: "No workarounds known.", }, ], }, }, cveMetadata: { assignerOrgId: "404fd4d2-a609-4245-b543-2c944a302a22", assignerShortName: "isc", cveId: "CVE-2024-0760", datePublished: "2024-07-23T14:26:54.983Z", dateReserved: "2024-01-19T20:26:52.962Z", dateUpdated: "2025-02-13T17:27:19.172Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { fkie_nvd: { descriptions: "[{\"lang\": \"en\", \"value\": \"A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. \\nThis issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0 through 9.19.24, and 9.18.11-S1 through 9.18.27-S1.\"}, {\"lang\": \"es\", \"value\": \"Un cliente malintencionado puede enviar muchos mensajes DNS a trav\\u00e9s de TCP, lo que podr\\u00eda provocar que el servidor se vuelva inestable mientras el ataque est\\u00e1 en curso. El servidor puede recuperarse una vez que cese el ataque. El uso de ACL no mitigar\\u00e1 el ataque. Este problema afecta a las versiones 9.18.1 a 9.18.27, 9.19.0 a 9.19.24 y 9.18.11-S1 a 9.18.27-S1 de BIND 9.\"}]", id: "CVE-2024-0760", lastModified: "2024-11-21T08:47:18.850", metrics: "{\"cvssMetricV31\": [{\"source\": \"security-officer@isc.org\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}]}", published: "2024-07-23T15:15:03.520", references: "[{\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/23/1\", \"source\": \"security-officer@isc.org\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/31/2\", \"source\": \"security-officer@isc.org\"}, {\"url\": \"https://kb.isc.org/docs/cve-2024-0760\", \"source\": \"security-officer@isc.org\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/23/1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://kb.isc.org/docs/cve-2024-0760\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240731-0004/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]", sourceIdentifier: "security-officer@isc.org", vulnStatus: "Awaiting Analysis", weaknesses: "[{\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-770\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2024-0760\",\"sourceIdentifier\":\"security-officer@isc.org\",\"published\":\"2024-07-23T15:15:03.520\",\"lastModified\":\"2024-11-21T08:47:18.850\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. \\nThis issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0 through 9.19.24, and 9.18.11-S1 through 9.18.27-S1.\"},{\"lang\":\"es\",\"value\":\"Un cliente malintencionado puede enviar muchos mensajes DNS a través de TCP, lo que podría provocar que el servidor se vuelva inestable mientras el ataque está en curso. El servidor puede recuperarse una vez que cese el ataque. El uso de ACL no mitigará el ataque. Este problema afecta a las versiones 9.18.1 a 9.18.27, 9.19.0 a 9.19.24 y 9.18.11-S1 a 9.18.27-S1 de BIND 9.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-officer@isc.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-770\"}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/23/1\",\"source\":\"security-officer@isc.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/31/2\",\"source\":\"security-officer@isc.org\"},{\"url\":\"https://kb.isc.org/docs/cve-2024-0760\",\"source\":\"security-officer@isc.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/23/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://kb.isc.org/docs/cve-2024-0760\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20240731-0004/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}", vulnrichment: { containers: "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://security.netapp.com/advisory/ntap-20240731-0004/\"}, {\"url\": \"https://kb.isc.org/docs/cve-2024-0760\", \"name\": \"CVE-2024-0760\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/23/1\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T18:18:18.515Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-0760\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-23T16:02:34.286057Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\"], \"vendor\": \"isc\", \"product\": \"bind\", \"versions\": [{\"status\": \"affected\", \"version\": \"9.18.1\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"9.18.27\"}, {\"status\": \"affected\", \"version\": \"9.19.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"9.19.24\"}, {\"status\": \"affected\", \"version\": \"9.18.11-s1\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"9.18.27-s1\"}], \"defaultStatus\": \"unaffected\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-770\", \"description\": \"CWE-770 Allocation of Resources Without Limits or Throttling\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-23T16:07:47.752Z\"}}], \"cna\": {\"title\": \"A flood of DNS messages over TCP may make the server unstable\", \"source\": {\"discovery\": \"INTERNAL\"}, \"impacts\": [{\"descriptions\": [{\"lang\": \"en\", \"value\": \"The server can become unresponsive until sometime after the attack ends.\"}]}], \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"ISC\", \"product\": \"BIND 9\", \"versions\": [{\"status\": \"affected\", \"version\": \"9.18.1\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"9.18.27\"}, {\"status\": \"affected\", \"version\": \"9.19.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"9.19.24\"}, {\"status\": \"affected\", \"version\": \"9.18.11-S1\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"9.18.27-S1\"}], \"defaultStatus\": \"unaffected\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"This flaw was discovered in internal testing. We are not aware of any active exploits.\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Upgrade to the patched release most closely related to your current version of BIND 9: 9.18.28, 9.20.0, or 9.18.28-S1.\"}], \"datePublic\": \"2024-07-23T00:00:00.000Z\", \"references\": [{\"url\": \"https://kb.isc.org/docs/cve-2024-0760\", \"name\": \"CVE-2024-0760\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/23/1\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/31/2\"}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"No workarounds known.\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. \\nThis issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0 through 9.19.24, and 9.18.11-S1 through 9.18.27-S1.\"}], \"providerMetadata\": {\"orgId\": \"404fd4d2-a609-4245-b543-2c944a302a22\", \"shortName\": \"isc\", \"dateUpdated\": \"2024-07-31T11:05:57.323Z\"}}}", cveMetadata: "{\"cveId\": \"CVE-2024-0760\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-13T17:27:19.172Z\", \"dateReserved\": \"2024-01-19T20:26:52.962Z\", \"assignerOrgId\": \"404fd4d2-a609-4245-b543-2c944a302a22\", \"datePublished\": \"2024-07-23T14:26:54.983Z\", \"assignerShortName\": \"isc\"}", dataType: "CVE_RECORD", dataVersion: "5.1", }, }, }
wid-sec-w-2024-1700
Vulnerability from csaf_certbund
Published
2024-07-23 22:00
Modified
2025-01-12 23:00
Summary
Internet Systems Consortium BIND: Mehrere Schwachstellen ermöglichen Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
BIND (Berkeley Internet Name Domain) ist ein Open-Source-Softwarepaket, das einen Domain-Name-System-Server implementiert.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Internet Systems Consortium BIND ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- Sonstiges
- UNIX
- Windows
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "BIND (Berkeley Internet Name Domain) ist ein Open-Source-Softwarepaket, das einen Domain-Name-System-Server implementiert.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Internet Systems Consortium BIND ausnutzen, um einen Denial of Service Angriff durchzuführen.", title: "Angriff", }, { category: "general", text: "- Sonstiges\n- UNIX\n- Windows", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2024-1700 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1700.json", }, { category: "self", summary: "WID-SEC-2024-1700 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1700", }, { category: "external", summary: "OSS Security Mailing List vom 2024-07-23", url: "https://seclists.org/oss-sec/2024/q3/101", }, { category: "external", summary: "BIND Security Advisory vom 2024-07-23", url: "https://kb.isc.org/docs/cve-2024-0760", }, { category: "external", summary: "BIND Security Advisory vom 2024-07-23", url: "https://kb.isc.org/docs/cve-2024-1737", }, { category: "external", summary: "BIND Security Advisory vom 2024-07-23", url: "https://kb.isc.org/docs/cve-2024-1975", }, { category: "external", summary: "BIND Security Advisory vom 2024-07-23", url: "https://kb.isc.org/docs/cve-2024-4076", }, { category: "external", summary: "Ubuntu Security Notice USN-6909-1 vom 2024-07-23", url: "https://ubuntu.com/security/notices/USN-6909-1", }, { category: "external", summary: "Infoblox Advisory", url: "https://support.infoblox.com/s/article/000009904", }, { category: "external", summary: "Infoblox Advisory", url: "https://support.infoblox.com/s/article/000009906", }, { category: "external", summary: "Debian Security Advisory DSA-5734 vom 2024-07-26", url: "https://lists.debian.org/debian-security-announce/2024/msg00145.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:2636-1 vom 2024-07-30", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019038.html", }, { category: "external", summary: "Fedora Security Advisory FEDORA-2024-8AF1780FDF vom 2024-07-31", url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-8af1780fdf", }, { category: "external", summary: "NetApp Security Advisory NTAP-20240731-0003 vom 2024-07-31", url: "https://security.netapp.com/advisory/ntap-20240731-0003/", }, { category: "external", summary: "NetApp Security Advisory NTAP-20240731-0002 vom 2024-07-31", url: "https://security.netapp.com/advisory/ntap-20240731-0002/", }, { category: "external", summary: "Fedora Security Advisory FEDORA-2024-56AE6C2C7A vom 2024-07-31", url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-56ae6c2c7a", }, { category: "external", summary: "NetApp Security Advisory NTAP-20240731-0001 vom 2024-07-31", url: "https://security.netapp.com/advisory/ntap-20240731-0001/", }, { category: "external", summary: "Fedora Security Advisory FEDORA-2024-EF8A7031E7 vom 2024-08-01", url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-ef8a7031e7", }, { category: "external", summary: "Ubuntu Security Notice USN-6909-2 vom 2024-08-01", url: "https://ubuntu.com/security/notices/USN-6909-2", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:2810-1 vom 2024-08-07", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019125.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:2811-1 vom 2024-08-07", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019124.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:2863-1 vom 2024-08-09", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019158.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:2863-1 vom 2024-08-09", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019159.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:2863-1 vom 2024-08-09", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019160.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:2862-1 vom 2024-08-09", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019161.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:2868-1 vom 2024-08-09", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019165.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5231 vom 2024-08-12", url: "https://access.redhat.com/errata/RHSA-2024:5231", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2024-2616 vom 2024-08-13", url: "https://alas.aws.amazon.com/AL2/ALAS-2024-2616.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2024-5231 vom 2024-08-13", url: "https://linux.oracle.com/errata/ELSA-2024-5231.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5390 vom 2024-08-15", url: "https://access.redhat.com/errata/RHSA-2024:5390", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2024-5390 vom 2024-08-14", url: "https://linux.oracle.com/errata/ELSA-2024-5390.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5418 vom 2024-08-15", url: "https://access.redhat.com/errata/RHSA-2024:5418", }, { category: "external", summary: "Ubuntu Security Notice USN-6909-3 vom 2024-08-15", url: "https://ubuntu.com/security/notices/USN-6909-3", }, { category: "external", summary: "F5 Security Advisory K000140732 vom 2024-08-17", url: "https://my.f5.com/manage/s/article/K000140732", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5524 vom 2024-08-19", url: "https://access.redhat.com/errata/RHSA-2024:5524", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5525 vom 2024-08-19", url: "https://access.redhat.com/errata/RHSA-2024:5525", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2024-5524 vom 2024-08-20", url: "http://linux.oracle.com/errata/ELSA-2024-5524.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5655 vom 2024-08-21", url: "https://access.redhat.com/errata/RHSA-2024:5655", }, { category: "external", summary: "Rocky Linux Security Advisory RLSA-2024:5231 vom 2024-08-21", url: "https://errata.build.resf.org/RLSA-2024:5231", }, { category: "external", summary: "F5 Security Advisory K000140745 vom 2024-08-22", url: "https://my.f5.com/manage/s/article/K000140745", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5813 vom 2024-08-26", url: "https://access.redhat.com/errata/RHSA-2024:5813", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5871 vom 2024-08-27", url: "https://access.redhat.com/errata/RHSA-2024:5871", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5838 vom 2024-08-26", url: "https://access.redhat.com/errata/RHSA-2024:5838", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5907 vom 2024-08-28", url: "https://access.redhat.com/errata/RHSA-2024:5907", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5894 vom 2024-08-27", url: "https://access.redhat.com/errata/RHSA-2024:5894", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5908 vom 2024-08-28", url: "https://access.redhat.com/errata/RHSA-2024:5908", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5930 vom 2024-08-28", url: "https://access.redhat.com/errata/RHSA-2024:5930", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:6004 vom 2024-09-04", url: "https://access.redhat.com/errata/RHSA-2024:6004", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:6009 vom 2024-09-04", url: "https://access.redhat.com/errata/RHSA-2024:6009", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:6013 vom 2024-09-05", url: "https://access.redhat.com/errata/RHSA-2024:6013", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:6406 vom 2024-09-12", url: "https://access.redhat.com/errata/RHSA-2024:6406", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:6642 vom 2024-09-18", url: "https://access.redhat.com/errata/RHSA-2024:6642", }, { category: "external", summary: "IBM Security Bulletin 7168815 vom 2024-09-18", url: "https://www.ibm.com/support/pages/node/7168815", }, { category: "external", summary: "Insyde Security Advisory INSYDE-SA-2024010 vom 2024-10-09", url: "https://www.insyde.com/security-pledge/SA-2024010", }, { category: "external", summary: "Dell Security Advisory DSA-2024-422 vom 2024-10-10", url: "https://www.dell.com/support/kbdoc/de-de/000234730/dsa-2024-422-security-update-for-dell-networker-vproxy-multiple-component-vulnerabilities", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2024-5930 vom 2024-10-15", url: "https://linux.oracle.com/errata/ELSA-2024-5930.html", }, { category: "external", summary: "IBM Security Bulletin 7176451 vom 2024-11-18", url: "https://aix.software.ibm.com/aix/efixes/security/bind_advisory27.asc", }, { category: "external", summary: "IBM Security Bulletin 7176451 vom 2024-11-19", url: "https://www.ibm.com/support/pages/node/7176451", }, { category: "external", summary: "XEROX Security Advisory XRX25-001 vom 2025-01-13", url: "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-001-for-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf", }, ], source_lang: "en-US", title: "Internet Systems Consortium BIND: Mehrere Schwachstellen ermöglichen Denial of Service", tracking: { current_release_date: "2025-01-12T23:00:00.000+00:00", generator: { date: "2025-01-13T11:08:24.565+00:00", engine: { name: "BSI-WID", version: "1.3.10", }, }, id: "WID-SEC-W-2024-1700", initial_release_date: "2024-07-23T22:00:00.000+00:00", revision_history: [ { date: "2024-07-23T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2024-07-25T22:00:00.000+00:00", number: "2", summary: "Neue Updates von Debian aufgenommen", }, { date: "2024-07-29T22:00:00.000+00:00", number: "3", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2024-07-31T22:00:00.000+00:00", number: "4", summary: "Neue Updates von Fedora und NetApp aufgenommen", }, { date: "2024-08-01T22:00:00.000+00:00", number: "5", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2024-08-06T22:00:00.000+00:00", number: "6", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2024-08-08T22:00:00.000+00:00", number: "7", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2024-08-11T22:00:00.000+00:00", number: "8", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2024-08-12T22:00:00.000+00:00", number: "9", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-08-13T22:00:00.000+00:00", number: "10", summary: "Neue Updates von Amazon und Oracle Linux aufgenommen", }, { date: "2024-08-14T22:00:00.000+00:00", number: "11", summary: "Neue Updates von Red Hat und Oracle Linux aufgenommen", }, { date: "2024-08-15T22:00:00.000+00:00", number: "12", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2024-08-18T22:00:00.000+00:00", number: "13", summary: "Neue Updates von F5 und Red Hat aufgenommen", }, { date: "2024-08-19T22:00:00.000+00:00", number: "14", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2024-08-20T22:00:00.000+00:00", number: "15", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-08-21T22:00:00.000+00:00", number: "16", summary: "Neue Updates von Rocky Enterprise Software Foundation aufgenommen", }, { date: "2024-08-22T22:00:00.000+00:00", number: "17", summary: "Neue Updates von F5 aufgenommen", }, { date: "2024-08-25T22:00:00.000+00:00", number: "18", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-08-26T22:00:00.000+00:00", number: "19", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-08-27T22:00:00.000+00:00", number: "20", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-08-28T22:00:00.000+00:00", number: "21", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-09-03T22:00:00.000+00:00", number: "22", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-09-04T22:00:00.000+00:00", number: "23", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-09-05T22:00:00.000+00:00", number: "24", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-09-11T22:00:00.000+00:00", number: "25", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-09-17T22:00:00.000+00:00", number: "26", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-10-08T22:00:00.000+00:00", number: "27", summary: "Neue Updates von Insyde aufgenommen", }, { date: "2024-10-09T22:00:00.000+00:00", number: "28", summary: "Neue Updates von Dell aufgenommen", }, { date: "2024-10-14T22:00:00.000+00:00", number: "29", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2024-11-18T23:00:00.000+00:00", number: "30", summary: "Neue Updates von IBM aufgenommen", }, { date: "2025-01-12T23:00:00.000+00:00", number: "31", summary: "Neue Updates von XEROX aufgenommen", }, ], status: "final", version: "31", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Amazon Linux 2", product: { name: "Amazon Linux 2", product_id: "398363", product_identification_helper: { cpe: "cpe:/o:amazon:linux_2:-", }, }, }, ], category: "vendor", name: "Amazon", }, { branches: [ { category: "product_name", name: "Debian Linux", product: { name: "Debian Linux", product_id: "2951", product_identification_helper: { cpe: "cpe:/o:debian:debian_linux:-", }, }, }, ], category: "vendor", name: "Debian", }, { branches: [ { branches: [ { category: "product_name", name: "F5 BIG-IP", product: { name: "F5 BIG-IP", product_id: "T001663", product_identification_helper: { cpe: "cpe:/a:f5:big-ip:-", }, }, }, { category: "product_version", name: "17.1.0-17.1.1", product: { name: "F5 BIG-IP 17.1.0-17.1.1", product_id: "T034899", product_identification_helper: { cpe: "cpe:/a:f5:big-ip:17.1.0_-_17.1.1", }, }, }, { category: "product_version", name: "15.1.0-15.1.10", product: { name: "F5 BIG-IP 15.1.0-15.1.10", product_id: "T034902", product_identification_helper: { cpe: "cpe:/a:f5:big-ip:15.1.0_-_15.1.10", }, }, }, { category: "product_version", name: "16.1.0-16.1.5", product: { name: "F5 BIG-IP 16.1.0-16.1.5", product_id: "T037028", product_identification_helper: { cpe: "cpe:/a:f5:big-ip:16.1.0_-_16.1.5", }, }, }, ], category: "product_name", name: "BIG-IP", }, ], category: "vendor", name: "F5", }, { branches: [ { category: "product_name", name: "Fedora Linux", product: { name: "Fedora Linux", product_id: "74185", product_identification_helper: { cpe: "cpe:/o:fedoraproject:fedora:-", }, }, }, ], category: "vendor", name: "Fedora", }, { branches: [ { branches: [ { category: "product_version", name: "7.3", product: { name: "IBM AIX 7.3", product_id: "1139691", product_identification_helper: { cpe: "cpe:/o:ibm:aix:7.3", }, }, }, { category: "product_version", name: "7.2", product: { name: "IBM AIX 7.2", product_id: "434967", product_identification_helper: { cpe: "cpe:/o:ibm:aix:7.2", }, }, }, { category: "product_name", name: "IBM AIX", product: { name: "IBM AIX", product_id: "T039245", product_identification_helper: { cpe: "cpe:/o:ibm:aix:-", }, }, }, ], category: "product_name", name: "AIX", }, { branches: [ { category: "product_version_range", name: "<7.5.0 UP9 IF03", product: { name: "IBM QRadar SIEM <7.5.0 UP9 IF03", product_id: "T037731", }, }, { category: "product_version", name: "7.5.0 UP9 IF03", product: { name: "IBM QRadar SIEM 7.5.0 UP9 IF03", product_id: "T037731-fixed", product_identification_helper: { cpe: "cpe:/a:ibm:qradar_siem:7.5.0_up9_if03", }, }, }, ], category: "product_name", name: "QRadar SIEM", }, { branches: [ { category: "product_version", name: "3.1", product: { name: "IBM VIOS 3.1", product_id: "1039165", product_identification_helper: { cpe: "cpe:/a:ibm:vios:3.1", }, }, }, { category: "product_version", name: "4.1", product: { name: "IBM VIOS 4.1", product_id: "1522854", product_identification_helper: { cpe: "cpe:/a:ibm:vios:4.1", }, }, }, ], category: "product_name", name: "VIOS", }, ], category: "vendor", name: "IBM", }, { branches: [ { category: "product_name", name: "Infoblox DDI", product: { name: "Infoblox DDI", product_id: "T022362", product_identification_helper: { cpe: "cpe:/a:infoblox:ddi:-", }, }, }, { branches: [ { category: "product_version", name: "8.6.3", product: { name: "Infoblox NIOS 8.6.3", product_id: "T024812", product_identification_helper: { cpe: "cpe:/o:infoblox:nios:8.6.3", }, }, }, { category: "product_version", name: "8.6.2", product: { name: "Infoblox NIOS 8.6.2", product_id: "T028256", product_identification_helper: { cpe: "cpe:/o:infoblox:nios:8.6.2", }, }, }, { category: "product_version", name: "8.6.4", product: { name: "Infoblox NIOS 8.6.4", product_id: "T032852", product_identification_helper: { cpe: "cpe:/o:infoblox:nios:8.6.4", }, }, }, { category: "product_version", name: "9.0.2", product: { name: "Infoblox NIOS 9.0.2", product_id: "T032853", product_identification_helper: { cpe: "cpe:/o:infoblox:nios:9.0.2", }, }, }, { category: "product_version", name: "9.0.3", product: { name: "Infoblox NIOS 9.0.3", product_id: "T032854", product_identification_helper: { cpe: "cpe:/o:infoblox:nios:9.0.3", }, }, }, { category: "product_version", name: "9.0.4", product: { name: "Infoblox NIOS 9.0.4", product_id: "T036441", product_identification_helper: { cpe: "cpe:/o:infoblox:nios:9.0.4", }, }, }, ], category: "product_name", name: "NIOS", }, ], category: "vendor", name: "Infoblox", }, { branches: [ { branches: [ { category: "product_version_range", name: "<RV23.08", product: { name: "Insyde UEFI Firmware <RV23.08", product_id: "T038076", }, }, { category: "product_version", name: "RV23.08", product: { name: "Insyde UEFI Firmware RV23.08", product_id: "T038076-fixed", product_identification_helper: { cpe: "cpe:/h:insyde:uefi:rv23.08", }, }, }, { category: "product_version_range", name: "<RV24.06", product: { name: "Insyde UEFI Firmware <RV24.06", product_id: "T038077", }, }, { category: "product_version", name: "RV24.06", product: { name: "Insyde UEFI Firmware RV24.06", product_id: "T038077-fixed", product_identification_helper: { cpe: "cpe:/h:insyde:uefi:rv24.06", }, }, }, ], category: "product_name", name: "UEFI Firmware", }, ], category: "vendor", name: "Insyde", }, { branches: [ { branches: [ { category: "product_version_range", name: "<9.18.28", product: { name: "Internet Systems Consortium BIND <9.18.28", product_id: "T036434", }, }, { category: "product_version", name: "9.18.28", product: { name: "Internet Systems Consortium BIND 9.18.28", product_id: "T036434-fixed", product_identification_helper: { cpe: "cpe:/a:isc:bind:9.18.28", }, }, }, { category: "product_version_range", name: "<9.20.0", product: { name: "Internet Systems Consortium BIND <9.20.0", product_id: "T036435", }, }, { category: "product_version", name: "9.20.0", product: { name: "Internet Systems Consortium BIND 9.20.0", product_id: "T036435-fixed", product_identification_helper: { cpe: "cpe:/a:isc:bind:9.20.0", }, }, }, ], category: "product_name", name: "BIND", }, ], category: "vendor", name: "Internet Systems Consortium", }, { branches: [ { category: "product_name", name: "NetApp ActiveIQ Unified Manager", product: { name: "NetApp ActiveIQ Unified Manager", product_id: "T026333", product_identification_helper: { cpe: "cpe:/a:netapp:active_iq_unified_manager:vmware_vsphere", }, }, }, ], category: "vendor", name: "NetApp", }, { branches: [ { category: "product_name", name: "Oracle Linux", product: { name: "Oracle Linux", product_id: "T004914", product_identification_helper: { cpe: "cpe:/o:oracle:linux:-", }, }, }, ], category: "vendor", name: "Oracle", }, { branches: [ { category: "product_name", name: "RESF Rocky Linux", product: { name: "RESF Rocky Linux", product_id: "T032255", product_identification_helper: { cpe: "cpe:/o:resf:rocky_linux:-", }, }, }, ], category: "vendor", name: "RESF", }, { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux", product: { name: "Red Hat Enterprise Linux", product_id: "67646", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:-", }, }, }, ], category: "vendor", name: "Red Hat", }, { branches: [ { category: "product_name", name: "SUSE Linux", product: { name: "SUSE Linux", product_id: "T002207", product_identification_helper: { cpe: "cpe:/o:suse:suse_linux:-", }, }, }, ], category: "vendor", name: "SUSE", }, { branches: [ { category: "product_name", name: "Ubuntu Linux", product: { name: "Ubuntu Linux", product_id: "T000126", product_identification_helper: { cpe: "cpe:/o:canonical:ubuntu_linux:-", }, }, }, ], category: "vendor", name: "Ubuntu", }, { branches: [ { branches: [ { category: "product_version", name: "v9 for Solaris", product: { name: "Xerox FreeFlow Print Server v9 for Solaris", product_id: "T028053", product_identification_helper: { cpe: "cpe:/a:xerox:freeflow_print_server:v9_for_solaris", }, }, }, ], category: "product_name", name: "FreeFlow Print Server", }, ], category: "vendor", name: "Xerox", }, ], }, vulnerabilities: [ { cve: "CVE-2024-0760", notes: [ { category: "description", text: "In Internet Systems Consortium BIND existieren mehrere Schwachstellen. Diese Fehler sind auf eine unsachgemäße Behandlung von DNS-Nachrichten, DNSSEC-Validierung und eine große Anzahl von Ressourcendatensätzen zurückzuführen, was zu Instabilität, Leistungseinbußen, Abstürzen und Assertion-Fehlern führt. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.", }, ], product_status: { known_affected: [ "67646", "T034902", "T037731", "T004914", "T036441", "1139691", "T001663", "398363", "T022362", "T032852", "T034899", "T032853", "T028053", "434967", "T032854", "1039165", "1522854", "T037028", "T036434", "T036435", "T039245", "T032255", "74185", "T038076", "T038077", "2951", "T002207", "T000126", "T024812", "T026333", "T028256", ], }, release_date: "2024-07-23T22:00:00.000+00:00", title: "CVE-2024-0760", }, { cve: "CVE-2024-1737", notes: [ { category: "description", text: "In Internet Systems Consortium BIND existieren mehrere Schwachstellen. Diese Fehler sind auf eine unsachgemäße Behandlung von DNS-Nachrichten, DNSSEC-Validierung und eine große Anzahl von Ressourcendatensätzen zurückzuführen, was zu Instabilität, Leistungseinbußen, Abstürzen und Assertion-Fehlern führt. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.", }, ], product_status: { known_affected: [ "67646", "T034902", "T037731", "T004914", "T036441", "1139691", "T001663", "398363", "T022362", "T032852", "T034899", "T032853", "T028053", "434967", "T032854", "1039165", "1522854", "T037028", "T036434", "T036435", "T039245", "T032255", "74185", "T038076", "T038077", "2951", "T002207", "T000126", "T024812", "T026333", "T028256", ], }, release_date: "2024-07-23T22:00:00.000+00:00", title: "CVE-2024-1737", }, { cve: "CVE-2024-1975", notes: [ { category: "description", text: "In Internet Systems Consortium BIND existieren mehrere Schwachstellen. Diese Fehler sind auf eine unsachgemäße Behandlung von DNS-Nachrichten, DNSSEC-Validierung und eine große Anzahl von Ressourcendatensätzen zurückzuführen, was zu Instabilität, Leistungseinbußen, Abstürzen und Assertion-Fehlern führt. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.", }, ], product_status: { known_affected: [ "67646", "T034902", "T037731", "T004914", "T036441", "1139691", "T001663", "398363", "T022362", "T032852", "T034899", "T032853", "T028053", "434967", "T032854", "1039165", "1522854", "T037028", "T036434", "T036435", "T039245", "T032255", "74185", "T038076", "T038077", "2951", "T002207", "T000126", "T024812", "T026333", "T028256", ], }, release_date: "2024-07-23T22:00:00.000+00:00", title: "CVE-2024-1975", }, { cve: "CVE-2024-4076", notes: [ { category: "description", text: "In Internet Systems Consortium BIND existieren mehrere Schwachstellen. Diese Fehler sind auf eine unsachgemäße Behandlung von DNS-Nachrichten, DNSSEC-Validierung und eine große Anzahl von Ressourcendatensätzen zurückzuführen, was zu Instabilität, Leistungseinbußen, Abstürzen und Assertion-Fehlern führt. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.", }, ], product_status: { known_affected: [ "67646", "T034902", "T037731", "T004914", "T036441", "1139691", "T001663", "398363", "T022362", "T032852", "T034899", "T032853", "T028053", "434967", "T032854", "1039165", "1522854", "T037028", "T036434", "T036435", "T039245", "T032255", "74185", "T038076", "T038077", "2951", "T002207", "T000126", "T024812", "T026333", "T028256", ], }, release_date: "2024-07-23T22:00:00.000+00:00", title: "CVE-2024-4076", }, ], }
WID-SEC-W-2024-1700
Vulnerability from csaf_certbund
Published
2024-07-23 22:00
Modified
2025-01-12 23:00
Summary
Internet Systems Consortium BIND: Mehrere Schwachstellen ermöglichen Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
BIND (Berkeley Internet Name Domain) ist ein Open-Source-Softwarepaket, das einen Domain-Name-System-Server implementiert.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Internet Systems Consortium BIND ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- Sonstiges
- UNIX
- Windows
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "BIND (Berkeley Internet Name Domain) ist ein Open-Source-Softwarepaket, das einen Domain-Name-System-Server implementiert.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Internet Systems Consortium BIND ausnutzen, um einen Denial of Service Angriff durchzuführen.", title: "Angriff", }, { category: "general", text: "- Sonstiges\n- UNIX\n- Windows", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2024-1700 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1700.json", }, { category: "self", summary: "WID-SEC-2024-1700 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1700", }, { category: "external", summary: "OSS Security Mailing List vom 2024-07-23", url: "https://seclists.org/oss-sec/2024/q3/101", }, { category: "external", summary: "BIND Security Advisory vom 2024-07-23", url: "https://kb.isc.org/docs/cve-2024-0760", }, { category: "external", summary: "BIND Security Advisory vom 2024-07-23", url: "https://kb.isc.org/docs/cve-2024-1737", }, { category: "external", summary: "BIND Security Advisory vom 2024-07-23", url: "https://kb.isc.org/docs/cve-2024-1975", }, { category: "external", summary: "BIND Security Advisory vom 2024-07-23", url: "https://kb.isc.org/docs/cve-2024-4076", }, { category: "external", summary: "Ubuntu Security Notice USN-6909-1 vom 2024-07-23", url: "https://ubuntu.com/security/notices/USN-6909-1", }, { category: "external", summary: "Infoblox Advisory", url: "https://support.infoblox.com/s/article/000009904", }, { category: "external", summary: "Infoblox Advisory", url: "https://support.infoblox.com/s/article/000009906", }, { category: "external", summary: "Debian Security Advisory DSA-5734 vom 2024-07-26", url: "https://lists.debian.org/debian-security-announce/2024/msg00145.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:2636-1 vom 2024-07-30", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019038.html", }, { category: "external", summary: "Fedora Security Advisory FEDORA-2024-8AF1780FDF vom 2024-07-31", url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-8af1780fdf", }, { category: "external", summary: "NetApp Security Advisory NTAP-20240731-0003 vom 2024-07-31", url: "https://security.netapp.com/advisory/ntap-20240731-0003/", }, { category: "external", summary: "NetApp Security Advisory NTAP-20240731-0002 vom 2024-07-31", url: "https://security.netapp.com/advisory/ntap-20240731-0002/", }, { category: "external", summary: "Fedora Security Advisory FEDORA-2024-56AE6C2C7A vom 2024-07-31", url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-56ae6c2c7a", }, { category: "external", summary: "NetApp Security Advisory NTAP-20240731-0001 vom 2024-07-31", url: "https://security.netapp.com/advisory/ntap-20240731-0001/", }, { category: "external", summary: "Fedora Security Advisory FEDORA-2024-EF8A7031E7 vom 2024-08-01", url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-ef8a7031e7", }, { category: "external", summary: "Ubuntu Security Notice USN-6909-2 vom 2024-08-01", url: "https://ubuntu.com/security/notices/USN-6909-2", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:2810-1 vom 2024-08-07", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019125.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:2811-1 vom 2024-08-07", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019124.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:2863-1 vom 2024-08-09", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019158.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:2863-1 vom 2024-08-09", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019159.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:2863-1 vom 2024-08-09", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019160.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:2862-1 vom 2024-08-09", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019161.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:2868-1 vom 2024-08-09", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019165.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5231 vom 2024-08-12", url: "https://access.redhat.com/errata/RHSA-2024:5231", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2024-2616 vom 2024-08-13", url: "https://alas.aws.amazon.com/AL2/ALAS-2024-2616.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2024-5231 vom 2024-08-13", url: "https://linux.oracle.com/errata/ELSA-2024-5231.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5390 vom 2024-08-15", url: "https://access.redhat.com/errata/RHSA-2024:5390", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2024-5390 vom 2024-08-14", url: "https://linux.oracle.com/errata/ELSA-2024-5390.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5418 vom 2024-08-15", url: "https://access.redhat.com/errata/RHSA-2024:5418", }, { category: "external", summary: "Ubuntu Security Notice USN-6909-3 vom 2024-08-15", url: "https://ubuntu.com/security/notices/USN-6909-3", }, { category: "external", summary: "F5 Security Advisory K000140732 vom 2024-08-17", url: "https://my.f5.com/manage/s/article/K000140732", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5524 vom 2024-08-19", url: "https://access.redhat.com/errata/RHSA-2024:5524", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5525 vom 2024-08-19", url: "https://access.redhat.com/errata/RHSA-2024:5525", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2024-5524 vom 2024-08-20", url: "http://linux.oracle.com/errata/ELSA-2024-5524.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5655 vom 2024-08-21", url: "https://access.redhat.com/errata/RHSA-2024:5655", }, { category: "external", summary: "Rocky Linux Security Advisory RLSA-2024:5231 vom 2024-08-21", url: "https://errata.build.resf.org/RLSA-2024:5231", }, { category: "external", summary: "F5 Security Advisory K000140745 vom 2024-08-22", url: "https://my.f5.com/manage/s/article/K000140745", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5813 vom 2024-08-26", url: "https://access.redhat.com/errata/RHSA-2024:5813", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5871 vom 2024-08-27", url: "https://access.redhat.com/errata/RHSA-2024:5871", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5838 vom 2024-08-26", url: "https://access.redhat.com/errata/RHSA-2024:5838", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5907 vom 2024-08-28", url: "https://access.redhat.com/errata/RHSA-2024:5907", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5894 vom 2024-08-27", url: "https://access.redhat.com/errata/RHSA-2024:5894", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5908 vom 2024-08-28", url: "https://access.redhat.com/errata/RHSA-2024:5908", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5930 vom 2024-08-28", url: "https://access.redhat.com/errata/RHSA-2024:5930", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:6004 vom 2024-09-04", url: "https://access.redhat.com/errata/RHSA-2024:6004", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:6009 vom 2024-09-04", url: "https://access.redhat.com/errata/RHSA-2024:6009", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:6013 vom 2024-09-05", url: "https://access.redhat.com/errata/RHSA-2024:6013", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:6406 vom 2024-09-12", url: "https://access.redhat.com/errata/RHSA-2024:6406", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:6642 vom 2024-09-18", url: "https://access.redhat.com/errata/RHSA-2024:6642", }, { category: "external", summary: "IBM Security Bulletin 7168815 vom 2024-09-18", url: "https://www.ibm.com/support/pages/node/7168815", }, { category: "external", summary: "Insyde Security Advisory INSYDE-SA-2024010 vom 2024-10-09", url: "https://www.insyde.com/security-pledge/SA-2024010", }, { category: "external", summary: "Dell Security Advisory DSA-2024-422 vom 2024-10-10", url: "https://www.dell.com/support/kbdoc/de-de/000234730/dsa-2024-422-security-update-for-dell-networker-vproxy-multiple-component-vulnerabilities", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2024-5930 vom 2024-10-15", url: "https://linux.oracle.com/errata/ELSA-2024-5930.html", }, { category: "external", summary: "IBM Security Bulletin 7176451 vom 2024-11-18", url: "https://aix.software.ibm.com/aix/efixes/security/bind_advisory27.asc", }, { category: "external", summary: "IBM Security Bulletin 7176451 vom 2024-11-19", url: "https://www.ibm.com/support/pages/node/7176451", }, { category: "external", summary: "XEROX Security Advisory XRX25-001 vom 2025-01-13", url: "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-001-for-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf", }, ], source_lang: "en-US", title: "Internet Systems Consortium BIND: Mehrere Schwachstellen ermöglichen Denial of Service", tracking: { current_release_date: "2025-01-12T23:00:00.000+00:00", generator: { date: "2025-01-13T11:08:24.565+00:00", engine: { name: "BSI-WID", version: "1.3.10", }, }, id: "WID-SEC-W-2024-1700", initial_release_date: "2024-07-23T22:00:00.000+00:00", revision_history: [ { date: "2024-07-23T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2024-07-25T22:00:00.000+00:00", number: "2", summary: "Neue Updates von Debian aufgenommen", }, { date: "2024-07-29T22:00:00.000+00:00", number: "3", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2024-07-31T22:00:00.000+00:00", number: "4", summary: "Neue Updates von Fedora und NetApp aufgenommen", }, { date: "2024-08-01T22:00:00.000+00:00", number: "5", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2024-08-06T22:00:00.000+00:00", number: "6", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2024-08-08T22:00:00.000+00:00", number: "7", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2024-08-11T22:00:00.000+00:00", number: "8", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2024-08-12T22:00:00.000+00:00", number: "9", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-08-13T22:00:00.000+00:00", number: "10", summary: "Neue Updates von Amazon und Oracle Linux aufgenommen", }, { date: "2024-08-14T22:00:00.000+00:00", number: "11", summary: "Neue Updates von Red Hat und Oracle Linux aufgenommen", }, { date: "2024-08-15T22:00:00.000+00:00", number: "12", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2024-08-18T22:00:00.000+00:00", number: "13", summary: "Neue Updates von F5 und Red Hat aufgenommen", }, { date: "2024-08-19T22:00:00.000+00:00", number: "14", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2024-08-20T22:00:00.000+00:00", number: "15", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-08-21T22:00:00.000+00:00", number: "16", summary: "Neue Updates von Rocky Enterprise Software Foundation aufgenommen", }, { date: "2024-08-22T22:00:00.000+00:00", number: "17", summary: "Neue Updates von F5 aufgenommen", }, { date: "2024-08-25T22:00:00.000+00:00", number: "18", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-08-26T22:00:00.000+00:00", number: "19", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-08-27T22:00:00.000+00:00", number: "20", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-08-28T22:00:00.000+00:00", number: "21", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-09-03T22:00:00.000+00:00", number: "22", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-09-04T22:00:00.000+00:00", number: "23", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-09-05T22:00:00.000+00:00", number: "24", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-09-11T22:00:00.000+00:00", number: "25", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-09-17T22:00:00.000+00:00", number: "26", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-10-08T22:00:00.000+00:00", number: "27", summary: "Neue Updates von Insyde aufgenommen", }, { date: "2024-10-09T22:00:00.000+00:00", number: "28", summary: "Neue Updates von Dell aufgenommen", }, { date: "2024-10-14T22:00:00.000+00:00", number: "29", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2024-11-18T23:00:00.000+00:00", number: "30", summary: "Neue Updates von IBM aufgenommen", }, { date: "2025-01-12T23:00:00.000+00:00", number: "31", summary: "Neue Updates von XEROX aufgenommen", }, ], status: "final", version: "31", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Amazon Linux 2", product: { name: "Amazon Linux 2", product_id: "398363", product_identification_helper: { cpe: "cpe:/o:amazon:linux_2:-", }, }, }, ], category: "vendor", name: "Amazon", }, { branches: [ { category: "product_name", name: "Debian Linux", product: { name: "Debian Linux", product_id: "2951", product_identification_helper: { cpe: "cpe:/o:debian:debian_linux:-", }, }, }, ], category: "vendor", name: "Debian", }, { branches: [ { branches: [ { category: "product_name", name: "F5 BIG-IP", product: { name: "F5 BIG-IP", product_id: "T001663", product_identification_helper: { cpe: "cpe:/a:f5:big-ip:-", }, }, }, { category: "product_version", name: "17.1.0-17.1.1", product: { name: "F5 BIG-IP 17.1.0-17.1.1", product_id: "T034899", product_identification_helper: { cpe: "cpe:/a:f5:big-ip:17.1.0_-_17.1.1", }, }, }, { category: "product_version", name: "15.1.0-15.1.10", product: { name: "F5 BIG-IP 15.1.0-15.1.10", product_id: "T034902", product_identification_helper: { cpe: "cpe:/a:f5:big-ip:15.1.0_-_15.1.10", }, }, }, { category: "product_version", name: "16.1.0-16.1.5", product: { name: "F5 BIG-IP 16.1.0-16.1.5", product_id: "T037028", product_identification_helper: { cpe: "cpe:/a:f5:big-ip:16.1.0_-_16.1.5", }, }, }, ], category: "product_name", name: "BIG-IP", }, ], category: "vendor", name: "F5", }, { branches: [ { category: "product_name", name: "Fedora Linux", product: { name: "Fedora Linux", product_id: "74185", product_identification_helper: { cpe: "cpe:/o:fedoraproject:fedora:-", }, }, }, ], category: "vendor", name: "Fedora", }, { branches: [ { branches: [ { category: "product_version", name: "7.3", product: { name: "IBM AIX 7.3", product_id: "1139691", product_identification_helper: { cpe: "cpe:/o:ibm:aix:7.3", }, }, }, { category: "product_version", name: "7.2", product: { name: "IBM AIX 7.2", product_id: "434967", product_identification_helper: { cpe: "cpe:/o:ibm:aix:7.2", }, }, }, { category: "product_name", name: "IBM AIX", product: { name: "IBM AIX", product_id: "T039245", product_identification_helper: { cpe: "cpe:/o:ibm:aix:-", }, }, }, ], category: "product_name", name: "AIX", }, { branches: [ { category: "product_version_range", name: "<7.5.0 UP9 IF03", product: { name: "IBM QRadar SIEM <7.5.0 UP9 IF03", product_id: "T037731", }, }, { category: "product_version", name: "7.5.0 UP9 IF03", product: { name: "IBM QRadar SIEM 7.5.0 UP9 IF03", product_id: "T037731-fixed", product_identification_helper: { cpe: "cpe:/a:ibm:qradar_siem:7.5.0_up9_if03", }, }, }, ], category: "product_name", name: "QRadar SIEM", }, { branches: [ { category: "product_version", name: "3.1", product: { name: "IBM VIOS 3.1", product_id: "1039165", product_identification_helper: { cpe: "cpe:/a:ibm:vios:3.1", }, }, }, { category: "product_version", name: "4.1", product: { name: "IBM VIOS 4.1", product_id: "1522854", product_identification_helper: { cpe: "cpe:/a:ibm:vios:4.1", }, }, }, ], category: "product_name", name: "VIOS", }, ], category: "vendor", name: "IBM", }, { branches: [ { category: "product_name", name: "Infoblox DDI", product: { name: "Infoblox DDI", product_id: "T022362", product_identification_helper: { cpe: "cpe:/a:infoblox:ddi:-", }, }, }, { branches: [ { category: "product_version", name: "8.6.3", product: { name: "Infoblox NIOS 8.6.3", product_id: "T024812", product_identification_helper: { cpe: "cpe:/o:infoblox:nios:8.6.3", }, }, }, { category: "product_version", name: "8.6.2", product: { name: "Infoblox NIOS 8.6.2", product_id: "T028256", product_identification_helper: { cpe: "cpe:/o:infoblox:nios:8.6.2", }, }, }, { category: "product_version", name: "8.6.4", product: { name: "Infoblox NIOS 8.6.4", product_id: "T032852", product_identification_helper: { cpe: "cpe:/o:infoblox:nios:8.6.4", }, }, }, { category: "product_version", name: "9.0.2", product: { name: "Infoblox NIOS 9.0.2", product_id: "T032853", product_identification_helper: { cpe: "cpe:/o:infoblox:nios:9.0.2", }, }, }, { category: "product_version", name: "9.0.3", product: { name: "Infoblox NIOS 9.0.3", product_id: "T032854", product_identification_helper: { cpe: "cpe:/o:infoblox:nios:9.0.3", }, }, }, { category: "product_version", name: "9.0.4", product: { name: "Infoblox NIOS 9.0.4", product_id: "T036441", product_identification_helper: { cpe: "cpe:/o:infoblox:nios:9.0.4", }, }, }, ], category: "product_name", name: "NIOS", }, ], category: "vendor", name: "Infoblox", }, { branches: [ { branches: [ { category: "product_version_range", name: "<RV23.08", product: { name: "Insyde UEFI Firmware <RV23.08", product_id: "T038076", }, }, { category: "product_version", name: "RV23.08", product: { name: "Insyde UEFI Firmware RV23.08", product_id: "T038076-fixed", product_identification_helper: { cpe: "cpe:/h:insyde:uefi:rv23.08", }, }, }, { category: "product_version_range", name: "<RV24.06", product: { name: "Insyde UEFI Firmware <RV24.06", product_id: "T038077", }, }, { category: "product_version", name: "RV24.06", product: { name: "Insyde UEFI Firmware RV24.06", product_id: "T038077-fixed", product_identification_helper: { cpe: "cpe:/h:insyde:uefi:rv24.06", }, }, }, ], category: "product_name", name: "UEFI Firmware", }, ], category: "vendor", name: "Insyde", }, { branches: [ { branches: [ { category: "product_version_range", name: "<9.18.28", product: { name: "Internet Systems Consortium BIND <9.18.28", product_id: "T036434", }, }, { category: "product_version", name: "9.18.28", product: { name: "Internet Systems Consortium BIND 9.18.28", product_id: "T036434-fixed", product_identification_helper: { cpe: "cpe:/a:isc:bind:9.18.28", }, }, }, { category: "product_version_range", name: "<9.20.0", product: { name: "Internet Systems Consortium BIND <9.20.0", product_id: "T036435", }, }, { category: "product_version", name: "9.20.0", product: { name: "Internet Systems Consortium BIND 9.20.0", product_id: "T036435-fixed", product_identification_helper: { cpe: "cpe:/a:isc:bind:9.20.0", }, }, }, ], category: "product_name", name: "BIND", }, ], category: "vendor", name: "Internet Systems Consortium", }, { branches: [ { category: "product_name", name: "NetApp ActiveIQ Unified Manager", product: { name: "NetApp ActiveIQ Unified Manager", product_id: "T026333", product_identification_helper: { cpe: "cpe:/a:netapp:active_iq_unified_manager:vmware_vsphere", }, }, }, ], category: "vendor", name: "NetApp", }, { branches: [ { category: "product_name", name: "Oracle Linux", product: { name: "Oracle Linux", product_id: "T004914", product_identification_helper: { cpe: "cpe:/o:oracle:linux:-", }, }, }, ], category: "vendor", name: "Oracle", }, { branches: [ { category: "product_name", name: "RESF Rocky Linux", product: { name: "RESF Rocky Linux", product_id: "T032255", product_identification_helper: { cpe: "cpe:/o:resf:rocky_linux:-", }, }, }, ], category: "vendor", name: "RESF", }, { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux", product: { name: "Red Hat Enterprise Linux", product_id: "67646", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:-", }, }, }, ], category: "vendor", name: "Red Hat", }, { branches: [ { category: "product_name", name: "SUSE Linux", product: { name: "SUSE Linux", product_id: "T002207", product_identification_helper: { cpe: "cpe:/o:suse:suse_linux:-", }, }, }, ], category: "vendor", name: "SUSE", }, { branches: [ { category: "product_name", name: "Ubuntu Linux", product: { name: "Ubuntu Linux", product_id: "T000126", product_identification_helper: { cpe: "cpe:/o:canonical:ubuntu_linux:-", }, }, }, ], category: "vendor", name: "Ubuntu", }, { branches: [ { branches: [ { category: "product_version", name: "v9 for Solaris", product: { name: "Xerox FreeFlow Print Server v9 for Solaris", product_id: "T028053", product_identification_helper: { cpe: "cpe:/a:xerox:freeflow_print_server:v9_for_solaris", }, }, }, ], category: "product_name", name: "FreeFlow Print Server", }, ], category: "vendor", name: "Xerox", }, ], }, vulnerabilities: [ { cve: "CVE-2024-0760", notes: [ { category: "description", text: "In Internet Systems Consortium BIND existieren mehrere Schwachstellen. Diese Fehler sind auf eine unsachgemäße Behandlung von DNS-Nachrichten, DNSSEC-Validierung und eine große Anzahl von Ressourcendatensätzen zurückzuführen, was zu Instabilität, Leistungseinbußen, Abstürzen und Assertion-Fehlern führt. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.", }, ], product_status: { known_affected: [ "67646", "T034902", "T037731", "T004914", "T036441", "1139691", "T001663", "398363", "T022362", "T032852", "T034899", "T032853", "T028053", "434967", "T032854", "1039165", "1522854", "T037028", "T036434", "T036435", "T039245", "T032255", "74185", "T038076", "T038077", "2951", "T002207", "T000126", "T024812", "T026333", "T028256", ], }, release_date: "2024-07-23T22:00:00.000+00:00", title: "CVE-2024-0760", }, { cve: "CVE-2024-1737", notes: [ { category: "description", text: "In Internet Systems Consortium BIND existieren mehrere Schwachstellen. Diese Fehler sind auf eine unsachgemäße Behandlung von DNS-Nachrichten, DNSSEC-Validierung und eine große Anzahl von Ressourcendatensätzen zurückzuführen, was zu Instabilität, Leistungseinbußen, Abstürzen und Assertion-Fehlern führt. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.", }, ], product_status: { known_affected: [ "67646", "T034902", "T037731", "T004914", "T036441", "1139691", "T001663", "398363", "T022362", "T032852", "T034899", "T032853", "T028053", "434967", "T032854", "1039165", "1522854", "T037028", "T036434", "T036435", "T039245", "T032255", "74185", "T038076", "T038077", "2951", "T002207", "T000126", "T024812", "T026333", "T028256", ], }, release_date: "2024-07-23T22:00:00.000+00:00", title: "CVE-2024-1737", }, { cve: "CVE-2024-1975", notes: [ { category: "description", text: "In Internet Systems Consortium BIND existieren mehrere Schwachstellen. Diese Fehler sind auf eine unsachgemäße Behandlung von DNS-Nachrichten, DNSSEC-Validierung und eine große Anzahl von Ressourcendatensätzen zurückzuführen, was zu Instabilität, Leistungseinbußen, Abstürzen und Assertion-Fehlern führt. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.", }, ], product_status: { known_affected: [ "67646", "T034902", "T037731", "T004914", "T036441", "1139691", "T001663", "398363", "T022362", "T032852", "T034899", "T032853", "T028053", "434967", "T032854", "1039165", "1522854", "T037028", "T036434", "T036435", "T039245", "T032255", "74185", "T038076", "T038077", "2951", "T002207", "T000126", "T024812", "T026333", "T028256", ], }, release_date: "2024-07-23T22:00:00.000+00:00", title: "CVE-2024-1975", }, { cve: "CVE-2024-4076", notes: [ { category: "description", text: "In Internet Systems Consortium BIND existieren mehrere Schwachstellen. Diese Fehler sind auf eine unsachgemäße Behandlung von DNS-Nachrichten, DNSSEC-Validierung und eine große Anzahl von Ressourcendatensätzen zurückzuführen, was zu Instabilität, Leistungseinbußen, Abstürzen und Assertion-Fehlern führt. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.", }, ], product_status: { known_affected: [ "67646", "T034902", "T037731", "T004914", "T036441", "1139691", "T001663", "398363", "T022362", "T032852", "T034899", "T032853", "T028053", "434967", "T032854", "1039165", "1522854", "T037028", "T036434", "T036435", "T039245", "T032255", "74185", "T038076", "T038077", "2951", "T002207", "T000126", "T024812", "T026333", "T028256", ], }, release_date: "2024-07-23T22:00:00.000+00:00", title: "CVE-2024-4076", }, ], }
fkie_cve-2024-0760
Vulnerability from fkie_nvd
Published
2024-07-23 15:15
Modified
2024-11-21 08:47
Severity ?
Summary
A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack.
This issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0 through 9.19.24, and 9.18.11-S1 through 9.18.27-S1.
References
Impacted products
| Vendor | Product | Version |
|---|
{ cveTags: [], descriptions: [ { lang: "en", value: "A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. \nThis issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0 through 9.19.24, and 9.18.11-S1 through 9.18.27-S1.", }, { lang: "es", value: "Un cliente malintencionado puede enviar muchos mensajes DNS a través de TCP, lo que podría provocar que el servidor se vuelva inestable mientras el ataque está en curso. El servidor puede recuperarse una vez que cese el ataque. El uso de ACL no mitigará el ataque. Este problema afecta a las versiones 9.18.1 a 9.18.27, 9.19.0 a 9.19.24 y 9.18.11-S1 a 9.18.27-S1 de BIND 9.", }, ], id: "CVE-2024-0760", lastModified: "2024-11-21T08:47:18.850", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "security-officer@isc.org", type: "Secondary", }, ], }, published: "2024-07-23T15:15:03.520", references: [ { source: "security-officer@isc.org", url: "http://www.openwall.com/lists/oss-security/2024/07/23/1", }, { source: "security-officer@isc.org", url: "http://www.openwall.com/lists/oss-security/2024/07/31/2", }, { source: "security-officer@isc.org", url: "https://kb.isc.org/docs/cve-2024-0760", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/07/23/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kb.isc.org/docs/cve-2024-0760", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20240731-0004/", }, ], sourceIdentifier: "security-officer@isc.org", vulnStatus: "Awaiting Analysis", weaknesses: [ { description: [ { lang: "en", value: "CWE-770", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
suse-su-2024:2636-1
Vulnerability from csaf_suse
Published
2024-07-30 07:14
Modified
2024-07-30 07:14
Summary
Security update for bind
Notes
Title of the patch
Security update for bind
Description of the patch
This update for bind fixes the following issues:
Update to release 9.18.28
Security fixes:
- CVE-2024-0760: Fixed a flood of DNS messages over TCP may make the server unstable (bsc#1228255)
- CVE-2024-1737: Fixed BIND's database will be slow if a very large number of RRs exist at the same name (bsc#1228256)
- CVE-2024-1975: Fixed SIG(0) can be used to exhaust CPU resources (bsc#1228257)
- CVE-2024-4076: Fixed assertion failure when serving both stale cache data and authoritative zone content (bsc#1228258)
Changelog:
* Command-line options for IPv4-only (named -4) and IPv6-only
(named -6) modes are now respected for zone primaries,
also-notify, and parental-agents.
* An RPZ response’s SOA record TTL was set to 1 instead of the
SOA TTL, if add-soa was used. This has been fixed.
* When a query related to zone maintenance (NOTIFY, SOA) timed
out close to a view shutdown (triggered e.g. by rndc reload),
named could crash with an assertion failure. This has been
fixed.
* The statistics channel counters that indicated the number of
currently connected TCP IPv4/IPv6 clients were not properly
adjusted in certain failure scenarios. This has been fixed.
* Some servers that could not be reached due to EHOSTDOWN or
ENETDOWN conditions were incorrectly prioritized during server
selection. These are now properly handled as unreachable.
* On some systems the libuv call may return an error code when
sending a TCP reset for a connection, which triggers an
assertion failure in named. This error condition is now dealt
with in a more graceful manner, by logging the incident and
shutting down the connection.
* Changes to listen-on statements were ignored on reconfiguration
unless the port or interface address was changed, making it
impossible to change a related listener transport type. That
issue has been fixed.
* A bug in the keymgr code unintentionally slowed down some
DNSSEC key rollovers. This has been fixed.
* Some ISO 8601 durations were accepted erroneously, leading to
shorter durations than expected. This has been fixed
* A regression in cache-cleaning code enabled memory use to grow
significantly more quickly than before, until the configured
max-cache-size limit was reached. This has been fixed.
* Using rndc flush inadvertently caused cache cleaning to become
less effective. This could ultimately lead to the configured
max-cache-size limit being exceeded and has now been fixed.
* The logic for cleaning up expired cached DNS records was
tweaked to be more aggressive. This change helps with enforcing
max-cache-ttl and max-ncache-ttl in a timely manner.
* It was possible to trigger a use-after-free assertion when the
overmem cache cleaning was initiated. This has been fixed.
New Features:
* A new option signatures-jitter has been added to dnssec-policy
to allow signature expirations to be spread out over a period
of time.
* The statistics channel now includes counters that indicate the
number of currently connected TCP IPv4/IPv6 clients.
* Added RESOLVER.ARPA to the built in empty zones.
Feature Changes:
* DNSSEC signatures that are not valid because the current time
falls outside the signature inception and expiration dates are
skipped instead of causing an immediate validation failure.
Security Fixes:
* A malicious DNS client that sent many queries over TCP but
never read the responses could cause a server to respond slowly
or not at all for other clients. This has been fixed.
(CVE-2024-0760)
* It is possible to craft excessively large resource records
sets, which have the effect of slowing down database
processing. This has been addressed by adding a configurable
limit to the number of records that can be stored per name and
type in a cache or zone database. The default is 100, which can
be tuned with the new max-records-per-type option.
* It is possible to craft excessively large numbers of resource
record types for a given owner name, which has the effect of
slowing down database processing. This has been addressed by
adding a configurable limit to the number of records that can
be stored per name and type in a cache or zone database. The
default is 100, which can be tuned with the new
max-types-per-name option. (CVE-2024-1737)
* Validating DNS messages signed using the SIG(0) protocol (RFC
2931) could cause excessive CPU load, leading to a
denial-of-service condition. Support for SIG(0) message
validation was removed from this version of named.
(CVE-2024-1975)
* Due to a logic error, lookups that triggered serving stale data
and required lookups in local authoritative zone data could
have resulted in an assertion failure. This has been fixed.
* Potential data races were found in our DoH implementation,
related to HTTP/2 session object management and endpoints set
object management after reconfiguration. These issues have been
fixed.
* When looking up the NS records of parent zones as part of
looking up DS records, it was possible for named to trigger an
assertion failure if serve-stale was enabled. This has been
fixed. (CVE-2024-4076)
Patchnames
SUSE-2024-2636,SUSE-SLE-Module-Basesystem-15-SP6-2024-2636,SUSE-SLE-Module-Server-Applications-15-SP6-2024-2636,openSUSE-SLE-15.6-2024-2636
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for bind", title: "Title of the patch", }, { category: "description", text: "This update for bind fixes the following issues:\n\nUpdate to release 9.18.28\n\nSecurity fixes:\n\n- CVE-2024-0760: Fixed a flood of DNS messages over TCP may make the server unstable (bsc#1228255)\n- CVE-2024-1737: Fixed BIND's database will be slow if a very large number of RRs exist at the same name (bsc#1228256)\n- CVE-2024-1975: Fixed SIG(0) can be used to exhaust CPU resources (bsc#1228257)\n- CVE-2024-4076: Fixed assertion failure when serving both stale cache data and authoritative zone content (bsc#1228258)\n\nChangelog:\n\n * Command-line options for IPv4-only (named -4) and IPv6-only\n (named -6) modes are now respected for zone primaries,\n also-notify, and parental-agents.\n * An RPZ response’s SOA record TTL was set to 1 instead of the\n SOA TTL, if add-soa was used. This has been fixed.\n * When a query related to zone maintenance (NOTIFY, SOA) timed\n out close to a view shutdown (triggered e.g. by rndc reload),\n named could crash with an assertion failure. This has been\n fixed.\n * The statistics channel counters that indicated the number of\n currently connected TCP IPv4/IPv6 clients were not properly\n adjusted in certain failure scenarios. This has been fixed.\n * Some servers that could not be reached due to EHOSTDOWN or\n ENETDOWN conditions were incorrectly prioritized during server\n selection. These are now properly handled as unreachable.\n * On some systems the libuv call may return an error code when\n sending a TCP reset for a connection, which triggers an\n assertion failure in named. This error condition is now dealt\n with in a more graceful manner, by logging the incident and\n shutting down the connection.\n * Changes to listen-on statements were ignored on reconfiguration\n unless the port or interface address was changed, making it\n impossible to change a related listener transport type. That\n issue has been fixed.\n * A bug in the keymgr code unintentionally slowed down some\n DNSSEC key rollovers. This has been fixed.\n * Some ISO 8601 durations were accepted erroneously, leading to\n shorter durations than expected. This has been fixed\n * A regression in cache-cleaning code enabled memory use to grow\n significantly more quickly than before, until the configured\n max-cache-size limit was reached. This has been fixed.\n * Using rndc flush inadvertently caused cache cleaning to become\n less effective. This could ultimately lead to the configured\n max-cache-size limit being exceeded and has now been fixed.\n * The logic for cleaning up expired cached DNS records was\n tweaked to be more aggressive. This change helps with enforcing\n max-cache-ttl and max-ncache-ttl in a timely manner.\n * It was possible to trigger a use-after-free assertion when the\n overmem cache cleaning was initiated. This has been fixed.\n New Features:\n * A new option signatures-jitter has been added to dnssec-policy\n to allow signature expirations to be spread out over a period\n of time.\n * The statistics channel now includes counters that indicate the\n number of currently connected TCP IPv4/IPv6 clients.\n * Added RESOLVER.ARPA to the built in empty zones.\n Feature Changes:\n * DNSSEC signatures that are not valid because the current time\n falls outside the signature inception and expiration dates are\n skipped instead of causing an immediate validation failure.\n Security Fixes:\n * A malicious DNS client that sent many queries over TCP but\n never read the responses could cause a server to respond slowly\n or not at all for other clients. This has been fixed.\n (CVE-2024-0760)\n * It is possible to craft excessively large resource records\n sets, which have the effect of slowing down database\n processing. This has been addressed by adding a configurable\n limit to the number of records that can be stored per name and\n type in a cache or zone database. The default is 100, which can\n be tuned with the new max-records-per-type option.\n * It is possible to craft excessively large numbers of resource\n record types for a given owner name, which has the effect of\n slowing down database processing. This has been addressed by\n adding a configurable limit to the number of records that can\n be stored per name and type in a cache or zone database. The\n default is 100, which can be tuned with the new\n max-types-per-name option. (CVE-2024-1737)\n * Validating DNS messages signed using the SIG(0) protocol (RFC\n 2931) could cause excessive CPU load, leading to a\n denial-of-service condition. Support for SIG(0) message\n validation was removed from this version of named.\n (CVE-2024-1975)\n * Due to a logic error, lookups that triggered serving stale data\n and required lookups in local authoritative zone data could\n have resulted in an assertion failure. This has been fixed.\n * Potential data races were found in our DoH implementation,\n related to HTTP/2 session object management and endpoints set\n object management after reconfiguration. These issues have been\n fixed.\n * When looking up the NS records of parent zones as part of\n looking up DS records, it was possible for named to trigger an\n assertion failure if serve-stale was enabled. This has been\n fixed. (CVE-2024-4076)\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2024-2636,SUSE-SLE-Module-Basesystem-15-SP6-2024-2636,SUSE-SLE-Module-Server-Applications-15-SP6-2024-2636,openSUSE-SLE-15.6-2024-2636", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_2636-1.json", }, { category: "self", summary: "URL for SUSE-SU-2024:2636-1", url: "https://www.suse.com/support/update/announcement/2024/suse-su-20242636-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2024:2636-1", url: "https://lists.suse.com/pipermail/sle-updates/2024-July/036147.html", }, { category: "self", summary: "SUSE Bug 1228255", url: "https://bugzilla.suse.com/1228255", }, { category: "self", summary: "SUSE Bug 1228256", url: "https://bugzilla.suse.com/1228256", }, { category: "self", summary: "SUSE Bug 1228257", url: "https://bugzilla.suse.com/1228257", }, { category: "self", summary: "SUSE Bug 1228258", url: "https://bugzilla.suse.com/1228258", }, { category: "self", summary: "SUSE CVE CVE-2024-0760 page", url: "https://www.suse.com/security/cve/CVE-2024-0760/", }, { category: "self", summary: "SUSE CVE CVE-2024-1737 page", url: "https://www.suse.com/security/cve/CVE-2024-1737/", }, { category: "self", summary: "SUSE CVE CVE-2024-1975 page", url: "https://www.suse.com/security/cve/CVE-2024-1975/", }, { category: "self", summary: "SUSE CVE CVE-2024-4076 page", url: "https://www.suse.com/security/cve/CVE-2024-4076/", }, ], title: "Security update for bind", tracking: { current_release_date: "2024-07-30T07:14:23Z", generator: { date: "2024-07-30T07:14:23Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2024:2636-1", initial_release_date: "2024-07-30T07:14:23Z", revision_history: [ { date: "2024-07-30T07:14:23Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "bind-9.18.28-150600.3.3.1.aarch64", product: { name: "bind-9.18.28-150600.3.3.1.aarch64", product_id: "bind-9.18.28-150600.3.3.1.aarch64", }, }, { category: "product_version", name: "bind-utils-9.18.28-150600.3.3.1.aarch64", product: { name: "bind-utils-9.18.28-150600.3.3.1.aarch64", product_id: "bind-utils-9.18.28-150600.3.3.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "bind-9.18.28-150600.3.3.1.i586", product: { name: "bind-9.18.28-150600.3.3.1.i586", product_id: "bind-9.18.28-150600.3.3.1.i586", }, }, { category: "product_version", name: "bind-utils-9.18.28-150600.3.3.1.i586", product: { name: "bind-utils-9.18.28-150600.3.3.1.i586", product_id: "bind-utils-9.18.28-150600.3.3.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "bind-doc-9.18.28-150600.3.3.1.noarch", product: { name: "bind-doc-9.18.28-150600.3.3.1.noarch", product_id: "bind-doc-9.18.28-150600.3.3.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "bind-9.18.28-150600.3.3.1.ppc64le", product: { name: "bind-9.18.28-150600.3.3.1.ppc64le", product_id: "bind-9.18.28-150600.3.3.1.ppc64le", }, }, { category: "product_version", name: "bind-utils-9.18.28-150600.3.3.1.ppc64le", product: { name: "bind-utils-9.18.28-150600.3.3.1.ppc64le", product_id: "bind-utils-9.18.28-150600.3.3.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "bind-9.18.28-150600.3.3.1.s390x", product: { name: "bind-9.18.28-150600.3.3.1.s390x", product_id: "bind-9.18.28-150600.3.3.1.s390x", }, }, { category: "product_version", name: "bind-utils-9.18.28-150600.3.3.1.s390x", product: { name: "bind-utils-9.18.28-150600.3.3.1.s390x", product_id: "bind-utils-9.18.28-150600.3.3.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "bind-9.18.28-150600.3.3.1.x86_64", product: { name: "bind-9.18.28-150600.3.3.1.x86_64", product_id: "bind-9.18.28-150600.3.3.1.x86_64", }, }, { category: "product_version", name: "bind-utils-9.18.28-150600.3.3.1.x86_64", product: { name: "bind-utils-9.18.28-150600.3.3.1.x86_64", product_id: "bind-utils-9.18.28-150600.3.3.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Basesystem 15 SP6", product: { name: "SUSE Linux Enterprise Module for Basesystem 15 SP6", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-basesystem:15:sp6", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Server Applications 15 SP6", product: { name: "SUSE Linux Enterprise Module for Server Applications 15 SP6", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP6", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-server-applications:15:sp6", }, }, }, { category: "product_name", name: "openSUSE Leap 15.6", product: { name: "openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.6", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "bind-utils-9.18.28-150600.3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.aarch64", }, product_reference: "bind-utils-9.18.28-150600.3.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6", }, { category: "default_component_of", full_product_name: { name: "bind-utils-9.18.28-150600.3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.ppc64le", }, product_reference: "bind-utils-9.18.28-150600.3.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6", }, { category: "default_component_of", full_product_name: { name: "bind-utils-9.18.28-150600.3.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.s390x", }, product_reference: "bind-utils-9.18.28-150600.3.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6", }, { category: "default_component_of", full_product_name: { name: "bind-utils-9.18.28-150600.3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.x86_64", }, product_reference: "bind-utils-9.18.28-150600.3.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6", }, { category: "default_component_of", full_product_name: { name: "bind-9.18.28-150600.3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP6", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.aarch64", }, product_reference: "bind-9.18.28-150600.3.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP6", }, { category: "default_component_of", full_product_name: { name: "bind-9.18.28-150600.3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP6", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.ppc64le", }, product_reference: "bind-9.18.28-150600.3.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP6", }, { category: "default_component_of", full_product_name: { name: "bind-9.18.28-150600.3.3.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP6", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.s390x", }, product_reference: "bind-9.18.28-150600.3.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP6", }, { category: "default_component_of", full_product_name: { name: "bind-9.18.28-150600.3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP6", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.x86_64", }, product_reference: "bind-9.18.28-150600.3.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP6", }, { category: "default_component_of", full_product_name: { name: "bind-doc-9.18.28-150600.3.3.1.noarch as component of SUSE Linux Enterprise Module for Server Applications 15 SP6", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-doc-9.18.28-150600.3.3.1.noarch", }, product_reference: "bind-doc-9.18.28-150600.3.3.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP6", }, { category: "default_component_of", full_product_name: { name: "bind-9.18.28-150600.3.3.1.aarch64 as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.aarch64", }, product_reference: "bind-9.18.28-150600.3.3.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "bind-9.18.28-150600.3.3.1.ppc64le as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.ppc64le", }, product_reference: "bind-9.18.28-150600.3.3.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "bind-9.18.28-150600.3.3.1.s390x as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.s390x", }, product_reference: "bind-9.18.28-150600.3.3.1.s390x", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "bind-9.18.28-150600.3.3.1.x86_64 as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.x86_64", }, product_reference: "bind-9.18.28-150600.3.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "bind-doc-9.18.28-150600.3.3.1.noarch as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:bind-doc-9.18.28-150600.3.3.1.noarch", }, product_reference: "bind-doc-9.18.28-150600.3.3.1.noarch", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "bind-utils-9.18.28-150600.3.3.1.aarch64 as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.aarch64", }, product_reference: "bind-utils-9.18.28-150600.3.3.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "bind-utils-9.18.28-150600.3.3.1.ppc64le as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.ppc64le", }, product_reference: "bind-utils-9.18.28-150600.3.3.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "bind-utils-9.18.28-150600.3.3.1.s390x as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.s390x", }, product_reference: "bind-utils-9.18.28-150600.3.3.1.s390x", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "bind-utils-9.18.28-150600.3.3.1.x86_64 as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.x86_64", }, product_reference: "bind-utils-9.18.28-150600.3.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.6", }, ], }, vulnerabilities: [ { cve: "CVE-2024-0760", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-0760", }, ], notes: [ { category: "general", text: "A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. \nThis issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0 through 9.19.24, and 9.18.11-S1 through 9.18.27-S1.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-doc-9.18.28-150600.3.3.1.noarch", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.aarch64", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.ppc64le", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.s390x", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.x86_64", "openSUSE Leap 15.6:bind-doc-9.18.28-150600.3.3.1.noarch", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.aarch64", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.ppc64le", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.s390x", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-0760", url: "https://www.suse.com/security/cve/CVE-2024-0760", }, { category: "external", summary: "SUSE Bug 1228255 for CVE-2024-0760", url: "https://bugzilla.suse.com/1228255", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-doc-9.18.28-150600.3.3.1.noarch", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.aarch64", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.ppc64le", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.s390x", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.x86_64", "openSUSE Leap 15.6:bind-doc-9.18.28-150600.3.3.1.noarch", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.aarch64", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.ppc64le", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.s390x", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-doc-9.18.28-150600.3.3.1.noarch", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.aarch64", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.ppc64le", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.s390x", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.x86_64", "openSUSE Leap 15.6:bind-doc-9.18.28-150600.3.3.1.noarch", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.aarch64", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.ppc64le", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.s390x", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-07-30T07:14:23Z", details: "important", }, ], title: "CVE-2024-0760", }, { cve: "CVE-2024-1737", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-1737", }, ], notes: [ { category: "general", text: "Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname (of any RTYPE) can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name.\nThis issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.4-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-doc-9.18.28-150600.3.3.1.noarch", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.aarch64", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.ppc64le", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.s390x", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.x86_64", "openSUSE Leap 15.6:bind-doc-9.18.28-150600.3.3.1.noarch", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.aarch64", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.ppc64le", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.s390x", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-1737", url: "https://www.suse.com/security/cve/CVE-2024-1737", }, { category: "external", summary: "SUSE Bug 1228256 for CVE-2024-1737", url: "https://bugzilla.suse.com/1228256", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-doc-9.18.28-150600.3.3.1.noarch", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.aarch64", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.ppc64le", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.s390x", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.x86_64", "openSUSE Leap 15.6:bind-doc-9.18.28-150600.3.3.1.noarch", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.aarch64", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.ppc64le", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.s390x", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-doc-9.18.28-150600.3.3.1.noarch", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.aarch64", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.ppc64le", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.s390x", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.x86_64", "openSUSE Leap 15.6:bind-doc-9.18.28-150600.3.3.1.noarch", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.aarch64", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.ppc64le", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.s390x", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-07-30T07:14:23Z", details: "important", }, ], title: "CVE-2024-1737", }, { cve: "CVE-2024-1975", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-1975", }, ], notes: [ { category: "general", text: "If a server hosts a zone containing a \"KEY\" Resource Record, or a resolver DNSSEC-validates a \"KEY\" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG(0) signed requests.\nThis issue affects BIND 9 versions 9.0.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.49-S1, and 9.18.11-S1 through 9.18.27-S1.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-doc-9.18.28-150600.3.3.1.noarch", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.aarch64", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.ppc64le", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.s390x", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.x86_64", "openSUSE Leap 15.6:bind-doc-9.18.28-150600.3.3.1.noarch", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.aarch64", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.ppc64le", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.s390x", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-1975", url: "https://www.suse.com/security/cve/CVE-2024-1975", }, { category: "external", summary: "SUSE Bug 1228257 for CVE-2024-1975", url: "https://bugzilla.suse.com/1228257", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-doc-9.18.28-150600.3.3.1.noarch", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.aarch64", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.ppc64le", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.s390x", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.x86_64", "openSUSE Leap 15.6:bind-doc-9.18.28-150600.3.3.1.noarch", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.aarch64", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.ppc64le", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.s390x", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-doc-9.18.28-150600.3.3.1.noarch", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.aarch64", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.ppc64le", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.s390x", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.x86_64", "openSUSE Leap 15.6:bind-doc-9.18.28-150600.3.3.1.noarch", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.aarch64", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.ppc64le", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.s390x", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-07-30T07:14:23Z", details: "important", }, ], title: "CVE-2024-1975", }, { cve: "CVE-2024-4076", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-4076", }, ], notes: [ { category: "general", text: "Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion failure.\nThis issue affects BIND 9 versions 9.16.13 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.33-S1 through 9.11.37-S1, 9.16.13-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-doc-9.18.28-150600.3.3.1.noarch", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.aarch64", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.ppc64le", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.s390x", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.x86_64", "openSUSE Leap 15.6:bind-doc-9.18.28-150600.3.3.1.noarch", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.aarch64", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.ppc64le", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.s390x", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-4076", url: "https://www.suse.com/security/cve/CVE-2024-4076", }, { category: "external", summary: "SUSE Bug 1228258 for CVE-2024-4076", url: "https://bugzilla.suse.com/1228258", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-doc-9.18.28-150600.3.3.1.noarch", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.aarch64", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.ppc64le", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.s390x", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.x86_64", "openSUSE Leap 15.6:bind-doc-9.18.28-150600.3.3.1.noarch", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.aarch64", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.ppc64le", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.s390x", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:bind-utils-9.18.28-150600.3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-9.18.28-150600.3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP6:bind-doc-9.18.28-150600.3.3.1.noarch", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.aarch64", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.ppc64le", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.s390x", "openSUSE Leap 15.6:bind-9.18.28-150600.3.3.1.x86_64", "openSUSE Leap 15.6:bind-doc-9.18.28-150600.3.3.1.noarch", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.aarch64", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.ppc64le", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.s390x", "openSUSE Leap 15.6:bind-utils-9.18.28-150600.3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-07-30T07:14:23Z", details: "important", }, ], title: "CVE-2024-4076", }, ], }
opensuse-su-2024:14217-1
Vulnerability from csaf_opensuse
Published
2024-07-26 00:00
Modified
2024-07-26 00:00
Summary
bind-9.20.0-1.1 on GA media
Notes
Title of the patch
bind-9.20.0-1.1 on GA media
Description of the patch
These are all security issues fixed in the bind-9.20.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-14217
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "bind-9.20.0-1.1 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the bind-9.20.0-1.1 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2024-14217", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14217-1.json", }, { category: "self", summary: "SUSE CVE CVE-2024-0760 page", url: "https://www.suse.com/security/cve/CVE-2024-0760/", }, { category: "self", summary: "SUSE CVE CVE-2024-1737 page", url: "https://www.suse.com/security/cve/CVE-2024-1737/", }, { category: "self", summary: "SUSE CVE CVE-2024-1975 page", url: "https://www.suse.com/security/cve/CVE-2024-1975/", }, { category: "self", summary: "SUSE CVE CVE-2024-4076 page", url: "https://www.suse.com/security/cve/CVE-2024-4076/", }, ], title: "bind-9.20.0-1.1 on GA media", tracking: { current_release_date: "2024-07-26T00:00:00Z", generator: { date: "2024-07-26T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2024:14217-1", initial_release_date: "2024-07-26T00:00:00Z", revision_history: [ { date: "2024-07-26T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "bind-9.20.0-1.1.aarch64", product: { name: "bind-9.20.0-1.1.aarch64", product_id: "bind-9.20.0-1.1.aarch64", }, }, { category: "product_version", name: "bind-doc-9.20.0-1.1.aarch64", product: { name: "bind-doc-9.20.0-1.1.aarch64", product_id: "bind-doc-9.20.0-1.1.aarch64", }, }, { category: "product_version", name: "bind-modules-bdbhpt-9.20.0-1.1.aarch64", product: { name: "bind-modules-bdbhpt-9.20.0-1.1.aarch64", product_id: "bind-modules-bdbhpt-9.20.0-1.1.aarch64", }, }, { category: "product_version", name: "bind-modules-generic-9.20.0-1.1.aarch64", product: { name: "bind-modules-generic-9.20.0-1.1.aarch64", product_id: "bind-modules-generic-9.20.0-1.1.aarch64", }, }, { category: "product_version", name: "bind-modules-ldap-9.20.0-1.1.aarch64", product: { name: "bind-modules-ldap-9.20.0-1.1.aarch64", product_id: "bind-modules-ldap-9.20.0-1.1.aarch64", }, }, { category: "product_version", name: "bind-modules-mysql-9.20.0-1.1.aarch64", product: { name: "bind-modules-mysql-9.20.0-1.1.aarch64", product_id: "bind-modules-mysql-9.20.0-1.1.aarch64", }, }, { category: "product_version", name: "bind-modules-perl-9.20.0-1.1.aarch64", product: { name: "bind-modules-perl-9.20.0-1.1.aarch64", product_id: "bind-modules-perl-9.20.0-1.1.aarch64", }, }, { category: "product_version", name: "bind-modules-sqlite3-9.20.0-1.1.aarch64", product: { name: "bind-modules-sqlite3-9.20.0-1.1.aarch64", product_id: "bind-modules-sqlite3-9.20.0-1.1.aarch64", }, }, { category: "product_version", name: "bind-utils-9.20.0-1.1.aarch64", product: { name: "bind-utils-9.20.0-1.1.aarch64", product_id: "bind-utils-9.20.0-1.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "bind-9.20.0-1.1.ppc64le", product: { name: "bind-9.20.0-1.1.ppc64le", product_id: "bind-9.20.0-1.1.ppc64le", }, }, { category: "product_version", name: "bind-doc-9.20.0-1.1.ppc64le", product: { name: "bind-doc-9.20.0-1.1.ppc64le", product_id: "bind-doc-9.20.0-1.1.ppc64le", }, }, { category: "product_version", name: "bind-modules-bdbhpt-9.20.0-1.1.ppc64le", product: { name: "bind-modules-bdbhpt-9.20.0-1.1.ppc64le", product_id: "bind-modules-bdbhpt-9.20.0-1.1.ppc64le", }, }, { category: "product_version", name: "bind-modules-generic-9.20.0-1.1.ppc64le", product: { name: "bind-modules-generic-9.20.0-1.1.ppc64le", product_id: "bind-modules-generic-9.20.0-1.1.ppc64le", }, }, { category: "product_version", name: "bind-modules-ldap-9.20.0-1.1.ppc64le", product: { name: "bind-modules-ldap-9.20.0-1.1.ppc64le", product_id: "bind-modules-ldap-9.20.0-1.1.ppc64le", }, }, { category: "product_version", name: "bind-modules-mysql-9.20.0-1.1.ppc64le", product: { name: "bind-modules-mysql-9.20.0-1.1.ppc64le", product_id: "bind-modules-mysql-9.20.0-1.1.ppc64le", }, }, { category: "product_version", name: "bind-modules-perl-9.20.0-1.1.ppc64le", product: { name: "bind-modules-perl-9.20.0-1.1.ppc64le", product_id: "bind-modules-perl-9.20.0-1.1.ppc64le", }, }, { category: "product_version", name: "bind-modules-sqlite3-9.20.0-1.1.ppc64le", product: { name: "bind-modules-sqlite3-9.20.0-1.1.ppc64le", product_id: "bind-modules-sqlite3-9.20.0-1.1.ppc64le", }, }, { category: "product_version", name: "bind-utils-9.20.0-1.1.ppc64le", product: { name: "bind-utils-9.20.0-1.1.ppc64le", product_id: "bind-utils-9.20.0-1.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "bind-9.20.0-1.1.s390x", product: { name: "bind-9.20.0-1.1.s390x", product_id: "bind-9.20.0-1.1.s390x", }, }, { category: "product_version", name: "bind-doc-9.20.0-1.1.s390x", product: { name: "bind-doc-9.20.0-1.1.s390x", product_id: "bind-doc-9.20.0-1.1.s390x", }, }, { category: "product_version", name: "bind-modules-bdbhpt-9.20.0-1.1.s390x", product: { name: "bind-modules-bdbhpt-9.20.0-1.1.s390x", product_id: "bind-modules-bdbhpt-9.20.0-1.1.s390x", }, }, { category: "product_version", name: "bind-modules-generic-9.20.0-1.1.s390x", product: { name: "bind-modules-generic-9.20.0-1.1.s390x", product_id: "bind-modules-generic-9.20.0-1.1.s390x", }, }, { category: "product_version", name: "bind-modules-ldap-9.20.0-1.1.s390x", product: { name: "bind-modules-ldap-9.20.0-1.1.s390x", product_id: "bind-modules-ldap-9.20.0-1.1.s390x", }, }, { category: "product_version", name: "bind-modules-mysql-9.20.0-1.1.s390x", product: { name: "bind-modules-mysql-9.20.0-1.1.s390x", product_id: "bind-modules-mysql-9.20.0-1.1.s390x", }, }, { category: "product_version", name: "bind-modules-perl-9.20.0-1.1.s390x", product: { name: "bind-modules-perl-9.20.0-1.1.s390x", product_id: "bind-modules-perl-9.20.0-1.1.s390x", }, }, { category: "product_version", name: "bind-modules-sqlite3-9.20.0-1.1.s390x", product: { name: "bind-modules-sqlite3-9.20.0-1.1.s390x", product_id: "bind-modules-sqlite3-9.20.0-1.1.s390x", }, }, { category: "product_version", name: "bind-utils-9.20.0-1.1.s390x", product: { name: "bind-utils-9.20.0-1.1.s390x", product_id: "bind-utils-9.20.0-1.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "bind-9.20.0-1.1.x86_64", product: { name: "bind-9.20.0-1.1.x86_64", product_id: "bind-9.20.0-1.1.x86_64", }, }, { category: "product_version", name: "bind-doc-9.20.0-1.1.x86_64", product: { name: "bind-doc-9.20.0-1.1.x86_64", product_id: "bind-doc-9.20.0-1.1.x86_64", }, }, { category: "product_version", name: "bind-modules-bdbhpt-9.20.0-1.1.x86_64", product: { name: "bind-modules-bdbhpt-9.20.0-1.1.x86_64", product_id: "bind-modules-bdbhpt-9.20.0-1.1.x86_64", }, }, { category: "product_version", name: "bind-modules-generic-9.20.0-1.1.x86_64", product: { name: "bind-modules-generic-9.20.0-1.1.x86_64", product_id: "bind-modules-generic-9.20.0-1.1.x86_64", }, }, { category: "product_version", name: "bind-modules-ldap-9.20.0-1.1.x86_64", product: { name: "bind-modules-ldap-9.20.0-1.1.x86_64", product_id: "bind-modules-ldap-9.20.0-1.1.x86_64", }, }, { category: "product_version", name: "bind-modules-mysql-9.20.0-1.1.x86_64", product: { name: "bind-modules-mysql-9.20.0-1.1.x86_64", product_id: "bind-modules-mysql-9.20.0-1.1.x86_64", }, }, { category: "product_version", name: "bind-modules-perl-9.20.0-1.1.x86_64", product: { name: "bind-modules-perl-9.20.0-1.1.x86_64", product_id: "bind-modules-perl-9.20.0-1.1.x86_64", }, }, { category: "product_version", name: "bind-modules-sqlite3-9.20.0-1.1.x86_64", product: { name: "bind-modules-sqlite3-9.20.0-1.1.x86_64", product_id: "bind-modules-sqlite3-9.20.0-1.1.x86_64", }, }, { category: "product_version", name: "bind-utils-9.20.0-1.1.x86_64", product: { name: "bind-utils-9.20.0-1.1.x86_64", product_id: "bind-utils-9.20.0-1.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "bind-9.20.0-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-9.20.0-1.1.aarch64", }, product_reference: "bind-9.20.0-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-9.20.0-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-9.20.0-1.1.ppc64le", }, product_reference: "bind-9.20.0-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-9.20.0-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-9.20.0-1.1.s390x", }, product_reference: "bind-9.20.0-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-9.20.0-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-9.20.0-1.1.x86_64", }, product_reference: "bind-9.20.0-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-doc-9.20.0-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.aarch64", }, product_reference: "bind-doc-9.20.0-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-doc-9.20.0-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.ppc64le", }, product_reference: "bind-doc-9.20.0-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-doc-9.20.0-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.s390x", }, product_reference: "bind-doc-9.20.0-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-doc-9.20.0-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.x86_64", }, product_reference: "bind-doc-9.20.0-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-modules-bdbhpt-9.20.0-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.aarch64", }, product_reference: "bind-modules-bdbhpt-9.20.0-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-modules-bdbhpt-9.20.0-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.ppc64le", }, product_reference: "bind-modules-bdbhpt-9.20.0-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-modules-bdbhpt-9.20.0-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.s390x", }, product_reference: "bind-modules-bdbhpt-9.20.0-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-modules-bdbhpt-9.20.0-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.x86_64", }, product_reference: "bind-modules-bdbhpt-9.20.0-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-modules-generic-9.20.0-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.aarch64", }, product_reference: "bind-modules-generic-9.20.0-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-modules-generic-9.20.0-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.ppc64le", }, product_reference: "bind-modules-generic-9.20.0-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-modules-generic-9.20.0-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.s390x", }, product_reference: "bind-modules-generic-9.20.0-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-modules-generic-9.20.0-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.x86_64", }, product_reference: "bind-modules-generic-9.20.0-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-modules-ldap-9.20.0-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.aarch64", }, product_reference: "bind-modules-ldap-9.20.0-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-modules-ldap-9.20.0-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.ppc64le", }, product_reference: "bind-modules-ldap-9.20.0-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-modules-ldap-9.20.0-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.s390x", }, product_reference: "bind-modules-ldap-9.20.0-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-modules-ldap-9.20.0-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.x86_64", }, product_reference: "bind-modules-ldap-9.20.0-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-modules-mysql-9.20.0-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.aarch64", }, product_reference: "bind-modules-mysql-9.20.0-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-modules-mysql-9.20.0-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.ppc64le", }, product_reference: "bind-modules-mysql-9.20.0-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-modules-mysql-9.20.0-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.s390x", }, product_reference: "bind-modules-mysql-9.20.0-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-modules-mysql-9.20.0-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.x86_64", }, product_reference: "bind-modules-mysql-9.20.0-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-modules-perl-9.20.0-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.aarch64", }, product_reference: "bind-modules-perl-9.20.0-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-modules-perl-9.20.0-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.ppc64le", }, product_reference: "bind-modules-perl-9.20.0-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-modules-perl-9.20.0-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.s390x", }, product_reference: "bind-modules-perl-9.20.0-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-modules-perl-9.20.0-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.x86_64", }, product_reference: "bind-modules-perl-9.20.0-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-modules-sqlite3-9.20.0-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.aarch64", }, product_reference: "bind-modules-sqlite3-9.20.0-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-modules-sqlite3-9.20.0-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.ppc64le", }, product_reference: "bind-modules-sqlite3-9.20.0-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-modules-sqlite3-9.20.0-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.s390x", }, product_reference: "bind-modules-sqlite3-9.20.0-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-modules-sqlite3-9.20.0-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.x86_64", }, product_reference: "bind-modules-sqlite3-9.20.0-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-utils-9.20.0-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.aarch64", }, product_reference: "bind-utils-9.20.0-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-utils-9.20.0-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.ppc64le", }, product_reference: "bind-utils-9.20.0-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-utils-9.20.0-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.s390x", }, product_reference: "bind-utils-9.20.0-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "bind-utils-9.20.0-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.x86_64", }, product_reference: "bind-utils-9.20.0-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2024-0760", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-0760", }, ], notes: [ { category: "general", text: "A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. \nThis issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0 through 9.19.24, and 9.18.11-S1 through 9.18.27-S1.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:bind-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-0760", url: "https://www.suse.com/security/cve/CVE-2024-0760", }, { category: "external", summary: "SUSE Bug 1228255 for CVE-2024-0760", url: "https://bugzilla.suse.com/1228255", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:bind-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:bind-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-07-26T00:00:00Z", details: "important", }, ], title: "CVE-2024-0760", }, { cve: "CVE-2024-1737", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-1737", }, ], notes: [ { category: "general", text: "Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname (of any RTYPE) can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name.\nThis issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.4-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:bind-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-1737", url: "https://www.suse.com/security/cve/CVE-2024-1737", }, { category: "external", summary: "SUSE Bug 1228256 for CVE-2024-1737", url: "https://bugzilla.suse.com/1228256", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:bind-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:bind-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-07-26T00:00:00Z", details: "important", }, ], title: "CVE-2024-1737", }, { cve: "CVE-2024-1975", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-1975", }, ], notes: [ { category: "general", text: "If a server hosts a zone containing a \"KEY\" Resource Record, or a resolver DNSSEC-validates a \"KEY\" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG(0) signed requests.\nThis issue affects BIND 9 versions 9.0.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.49-S1, and 9.18.11-S1 through 9.18.27-S1.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:bind-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-1975", url: "https://www.suse.com/security/cve/CVE-2024-1975", }, { category: "external", summary: "SUSE Bug 1228257 for CVE-2024-1975", url: "https://bugzilla.suse.com/1228257", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:bind-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:bind-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-07-26T00:00:00Z", details: "important", }, ], title: "CVE-2024-1975", }, { cve: "CVE-2024-4076", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-4076", }, ], notes: [ { category: "general", text: "Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion failure.\nThis issue affects BIND 9 versions 9.16.13 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.33-S1 through 9.11.37-S1, 9.16.13-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:bind-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-4076", url: "https://www.suse.com/security/cve/CVE-2024-4076", }, { category: "external", summary: "SUSE Bug 1228258 for CVE-2024-4076", url: "https://bugzilla.suse.com/1228258", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:bind-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:bind-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-doc-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-bdbhpt-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-generic-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-ldap-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-mysql-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-perl-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-modules-sqlite3-9.20.0-1.1.x86_64", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.aarch64", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.ppc64le", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.s390x", "openSUSE Tumbleweed:bind-utils-9.20.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-07-26T00:00:00Z", details: "important", }, ], title: "CVE-2024-4076", }, ], }
gsd-2024-0760
Vulnerability from gsd
Modified
2024-01-20 06:02
Details
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Aliases
{ gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2024-0760", ], id: "GSD-2024-0760", modified: "2024-01-20T06:02:16.084218Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2024-0760", STATE: "RESERVED", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.", }, ], }, }, }, }
ghsa-v3r3-642v-rqj8
Vulnerability from github
Published
2024-07-23 15:31
Modified
2024-07-31 12:31
Severity ?
Details
A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. This issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0 through 9.19.24, and 9.18.11-S1 through 9.18.27-S1.
{ affected: [], aliases: [ "CVE-2024-0760", ], database_specific: { cwe_ids: [ "CWE-770", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2024-07-23T15:15:03Z", severity: "HIGH", }, details: "A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. \nThis issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0 through 9.19.24, and 9.18.11-S1 through 9.18.27-S1.", id: "GHSA-v3r3-642v-rqj8", modified: "2024-07-31T12:31:46Z", published: "2024-07-23T15:31:09Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-0760", }, { type: "WEB", url: "https://kb.isc.org/docs/cve-2024-0760", }, { type: "WEB", url: "http://www.openwall.com/lists/oss-security/2024/07/23/1", }, { type: "WEB", url: "http://www.openwall.com/lists/oss-security/2024/07/31/2", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", type: "CVSS_V3", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.