CVE-2016-9444

Published: 11 January 2017

named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted DS resource record in an answer.

Priority

Medium

CVSS 3 base score: 7.5

Status

Package Release Status
bind9
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 16.04 LTS (Xenial Xerus)
Released (1:9.10.3.dfsg.P4-8ubuntu1.4)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (1:9.9.5.dfsg-3ubuntu0.11)
Ubuntu 12.04 ESM (Precise Pangolin) Not vulnerable
(1:9.8.1.dfsg.P1-4ubuntu0.19)