Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Ubuntu 24.04 LTS USN-6909-1 Critical: Bind Denial Of Service

ubuntu
Calendar Grey July 23, 2024
Dist Ubuntu Esm H88
Several vulnerabilities addressed in Bind for Ubuntu, impacting several LTS versions, including risks related to denial of service.
Several security issues were fixed in Bind.

Summary

Several security issues were fixed in Bind.

Software Description:

- bind9: Internet Domain Name Server

Details:

It was discovered that Bind incorrectly handled a flood of DNS messages

over TCP. A remote attacker could possibly use this issue to cause Bind to

become unstable, resulting in a denial of service. (CVE-2024-0760)

Toshifumi Sakaguchi discovered that Bind incorrectly handled having a very

large number of RRs existing at the same time. A remote attacker could

possibly use this issue to cause Bind to consume resources, leading to a

denial of service. (CVE-2024-1737)

It was discovered that Bind incorrectly handled a large number of SIG(0)

signed requests. A remote attacker could possibly use this issue to cause

Bind to consume resources, leading to a denial of service. (CVE-2024-1975)

Daniel Stränger discovered that Bind incorrectly handled serving both

stable cache data and authoritative zone content. A remote attacker could

possibly use this is...

Read the Full Advisory

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
   bind9                           1:9.18.28-0ubuntu0.24.04.1

Ubuntu 22.04 LTS
   bind9                           1:9.18.28-0ubuntu0.22.04.1

Ubuntu 20.04 LTS
   bind9                           1:9.18.28-0ubuntu0.20.04.1

This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.

References

https://ubuntu.com/security/notices/USN-6909-1

CVE-2024-0760, CVE-2024-1737, CVE-2024-1975, CVE-2024-4076

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-6909-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here