CVE-2020-8618

Published: 17 June 2020

An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients.

Priority

Medium

CVSS 3 base score: 4.9

Status

Package Release Status
bind9
Launchpad, Ubuntu, Debian
Upstream
Released (9.16.4)
Ubuntu 20.04 LTS (Focal Fossa)
Released (1:9.16.1-0ubuntu2.2)
Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(code not present)
Ubuntu 16.04 ESM (Xenial Xerus) Not vulnerable
(code not present)
Ubuntu 14.04 ESM (Trusty Tahr) Not vulnerable
(code not present)