Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Ubuntu 21.04: 4929-1 Critical Bind Denial Of Service Issues

ubuntu
Calendar Grey April 29, 2021
Dist Ubuntu Esm H88
Numerous significant Bind flaws resolved in Ubuntu 21.04 and prior releases through security patches to mitigate DoS risks.
Several security issues were fixed in Bind.

Summary

Several security issues were fixed in Bind.

Software Description:

- bind9: Internet Domain Name Server

Details:

Greg Kuechle discovered that Bind incorrectly handled certain incremental

zone updates. A remote attacker could possibly use this issue to cause Bind

to crash, resulting in a denial of service. (CVE-2021-25214)

Siva Kakarla discovered that Bind incorrectly handled certain DNAME

records. A remote attacker could possibly use this issue to cause Bind to

crash, resulting in a denial of service. (CVE-2021-25215)

It was discovered that Bind incorrectly handled GSSAPI security policy

negotiation. A remote attacker could use this issue to cause Bind to crash,

resulting in a denial of service, or possibly execute arbitrary code.

(CVE-2021-25216)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 21.04:
  bind9                           1:9.16.8-1ubuntu3.1

Ubuntu 20.10:
  bind9                           1:9.16.6-3ubuntu1.2

Ubuntu 20.04 LTS:
  bind9                           1:9.16.1-0ubuntu2.8

Ubuntu 18.04 LTS:
  bind9                           1:9.11.3+dfsg-1ubuntu1.15

Ubuntu 16.04 LTS:
  bind9                           1:9.10.3.dfsg.P4-8ubuntu1.19

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-4929-1

CVE-2021-25214, CVE-2021-25215, CVE-2021-25216

Severity
critical
Lowest
Low
Medium
High
Critical

April 29, 2021

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here