Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Debian 10 Buster DLA-3498-1: Fix for Bind9 Denial of Service Risk

debian lts
Calendar Grey July 19, 2023
Dist Debian Esm H88
It's advised to apply a patch for the DoS flaw in bind9 that impacts Debian LTS platforms. Make sure to upgrade your packages to maintain system security.
It was discovered that there was a potential denial of service (DoS) in bind9, the popular Domain Name Server (DNS) server
Topics%20covered

Topics Covered

security advisory security issue debian DoS threat bind9

Summary

Shoham Danino, Anat Bremler-Barr, Yehuda Afek and Yuval Shavitt
discovered that a flaw in the cache-cleaning algorithm used in named
can cause that named's configured cache size limit can be
significantly exceeded, potentially resulting in a denial of service
attack.

For Debian 10 buster, this problem has been fixed in version
1:9.11.5.P4+dfsg-5.1+deb10u9.

We recommend that you upgrade your bind9 packages.

For the detailed security status of bind9 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/bind9

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



Severity
critical
Lowest
Low
Medium
High
Critical

Package: bind9
Version: 1:9.11.5.P4+dfsg-5.1+deb10u9
CVE ID: CVE-2023-2828

Topics%20covered

Topics Covered

security advisory security issue debian DoS threat bind9

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here