CVE-2023-5680
Published: 13 February 2024
If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance. This issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.
Notes
Author | Note |
---|---|
alexmurray | As of isc-dhcp-4.4.3-1, isc-dhcp vendors bind9 libs |
mdeslaur | only affects the Bind Supported Preview Edition |
Priority
Status
Package | Release | Status |
---|---|---|
bind9 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Not vulnerable
|
|
jammy |
Not vulnerable
|
|
mantic |
Not vulnerable
|
|
noble |
Not vulnerable
|
|
trusty |
Not vulnerable
|
|
upstream |
Needs triage
|
|
xenial |
Not vulnerable
|
|
isc-dhcp Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Not vulnerable
(code not present)
|
|
jammy |
Not vulnerable
(code not present)
|
|
mantic |
Not vulnerable
|
|
noble |
Not vulnerable
|
|
trusty |
Not vulnerable
(code not present)
|
|
upstream |
Needs triage
|
|
xenial |
Not vulnerable
(code not present)
|
Severity score breakdown
Parameter | Value |
---|---|
Base score | 5.3 |
Attack vector | Network |
Attack complexity | Low |
Privileges required | None |
User interaction | None |
Scope | Unchanged |
Confidentiality | None |
Integrity impact | None |
Availability impact | Low |
Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |