Alerts This Week
Warning Icon 1 1,153
Alerts This Week
Warning Icon 1 1,153

Ubuntu 23.10 & 22.04 LTS USN-6633-1 Moderate: Bind Denial Of Service

ubuntu
Calendar Grey February 13, 2024
Dist Ubuntu Esm H88
Multiple security flaws in Bind resolved for Ubuntu 22.04 LTS and 23.10, mitigating possible denial of service threats.
Several security issues were fixed in Bind.

Summary

Several security issues were fixed in Bind.

Software Description:

- bind9: Internet Domain Name Server

Details:

Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered

that Bind incorrectly handled parsing large DNS messages. A remote attacker

could possibly use this issue to cause Bind to consume resources, leading

to a denial of service. (CVE-2023-4408)

Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered

that Bind icorrectly handled validating DNSSEC messages. A remote attacker

could possibly use this issue to cause Bind to consume resources, leading

to a denial of service. (CVE-2023-50387)

It was discovered that Bind incorrectly handled preparing an NSEC3 closest

encloser proof. A remote attacker could possibly use this issue to cause

Bind to consume resources, leading to a denial of service. (CVE-2023-50868)

It was discovered that Bind incorrectly handled reverse zone queries when

nxdomain-redirect is enab...

Read the Full Advisory

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 23.10:
   bind9                           1:9.18.18-0ubuntu2.1

Ubuntu 22.04 LTS:
   bind9                           1:9.18.18-0ubuntu0.22.04.2

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-6633-1

CVE-2023-4408, CVE-2023-50387, CVE-2023-50868, CVE-2023-5517,

CVE-2023-5679

Ubuntu Security Notice USN-6633-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here