
Ubuntu 20.04: USN-6642-2 Addresses Moderate Security Flaws in Bind

Several security issues were fixed in Bind.
==========================================================================
Ubuntu Security Notice USN-6642-1
February 19, 2024

bind9 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in Bind.

Software Description:
- bind9: Internet Domain Name Server

Details:

Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered
that Bind incorrectly handled parsing large DNS messages. A remote attacker
could possibly use this issue to cause Bind to consume resources, leading
to a denial of service. (CVE-2023-4408)

Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered
that Bind incorrectly handled validating DNSSEC messages. A remote attacker
could possibly use this issue to cause Bind to consume resources, leading
to a denial of service. (CVE-2023-50387)

It was discovered that Bind incorrectly handled preparing an NSEC3 closest
encloser proof. A remote attacker could possibly use this issue to cause
Bind to consume resources, leading to a denial of service. (CVE-2023-50868)

It was discovered that Bind incorrectly handled reverse zone queries when
nxdomain-redirect is enabled. A remote attacker could possibly use this
issue to cause Bind to crash, leading to a denial of service.
(CVE-2023-5517)

It was discovered that Bind incorrectly handled certain specific recursive
query patterns. A remote attacker could possibly use this issue to cause
Bind to consume memory, leading to a denial of service. (CVE-2023-6516)

Bind has been updated to 9.16.48. In addition to security fixes, the updated
packages contain bug fixes, new features, and possibly incompatible
changes.

Please see the following for more information:
https://downloads.isc.org/isc/bind9/9.16.48/doc/arm/html/notes.html

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
   bind9                           1:9.16.48-0ubuntu0.20.04.1

This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.
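
As an added example (not part of the Ubuntu notice), the shell functions below check a host against the fixed package version listed above and flag hosts whose configuration sets nxdomain-redirect, the condition named for CVE-2023-5517. The function names are hypothetical, and dpkg, dpkg-query and named-checkconf are assumed to be installed on the host.

```sh
#!/bin/sh
# Added example: triage one Ubuntu 20.04 host against USN-6642-1.
# Function names are hypothetical; the fixed version is the advisory's.
FIXED='1:9.16.48-0ubuntu0.20.04.1'

# Exit 0 if the Debian version string $1 is at or above the fixed version.
# dpkg applies Debian ordering (epoch, upstream version, revision), which a
# plain string or numeric comparison gets wrong.
bind9_is_patched() {
    dpkg --compare-versions "$1" ge "$FIXED"
}

# Read canonical named configuration on stdin (one statement per line, as
# printed by `named-checkconf -px`) and exit 0 if nxdomain-redirect is set.
# Lines that start with a // or # comment marker do not match.
uses_nxdomain_redirect() {
    grep -Eq '^[[:space:]]*nxdomain-redirect[[:space:]]'
}

# Report the state of the local host; exit status 1 means "needs the update".
triage_host() {
    installed=$(dpkg-query -W -f='${Version}' bind9 2>/dev/null)
    if [ -z "$installed" ]; then
        echo "bind9 is not installed"
        return 0
    fi
    if bind9_is_patched "$installed"; then
        echo "OK: bind9 $installed is at or above $FIXED"
        return 0
    fi
    echo "UPDATE NEEDED: bind9 $installed is below $FIXED"
    # -x hides shared secrets in the printed configuration.
    if named-checkconf -px 2>/dev/null | uses_nxdomain_redirect; then
        echo "PRIORITY: nxdomain-redirect is enabled (see CVE-2023-5517)"
    fi
    return 1
}

# Run the host check only when asked, so the functions can be sourced.
if [ "${1:-}" = "--host" ]; then
    triage_host
fi
```

Run it with `--host` on the machine being checked; the exit status makes it usable from a fleet-wide loop or a configuration-management check.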

References:
   https://ubuntu.com/security/notices/USN-6642-1
   CVE-2023-4408, CVE-2023-50387, CVE-2023-50868, CVE-2023-5517,
   CVE-2023-6516

Package Information:
   https://launchpad.net/ubuntu/+source/bind9/1:9.16.48-0ubuntu0.20.04.1

Several Bind security flaws discovered in Ubuntu 20.04 LTS could result in possible denial of service; system updates advised.