Your submission was sent successfully! Close

CVE-2021-25220

Published: 16 March 2022

BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients.

Priority

Medium

CVSS 3 base score: 8.6

Status

Package Release Status
bind9
Launchpad, Ubuntu, Debian
bionic
Released (1:9.11.3+dfsg-1ubuntu1.17)
focal
Released (1:9.16.1-0ubuntu2.10)
impish
Released (1:9.16.15-1ubuntu1.2)
jammy
Released (1:9.18.0-2ubuntu3)
trusty
Released (1:9.9.5.dfsg-3ubuntu0.19+esm6)
upstream
Released (9.18.1)
xenial
Released (1:9.10.3.dfsg.P4-8ubuntu1.19+esm2)