CVE-2019-6471

Published: 19 June 2019

A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c. Versions affected: BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12.4-P1, 9.14.0 -> 9.14.2. Also all releases of the BIND 9.13 development branch and version 9.15.0 of the BIND 9.15 development branch and BIND Supported Preview Edition versions 9.11.3-S1 -> 9.11.7-S1.

Priority

Medium

CVSS 3 base score: 5.9

Status

Package Release Status
bind9
Launchpad, Ubuntu, Debian
Upstream Pending

Ubuntu 18.04 LTS (Bionic Beaver)
Released (1:9.11.3+dfsg-1ubuntu1.8)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(code not present)
Ubuntu 14.04 ESM (Trusty Tahr) Not vulnerable
(code not present)