Search CVE reports


Toggle filters

11 – 13 of 13 results


CVE-2023-2911

Medium priority

Some fixes available 7 of 10

If the `recursive-clients` quota is reached on a BIND 9 resolver configured with both `stale-answer-enable yes;` and `stale-answer-client-timeout 0;`, a sequence of serve-stale-related lookups could cause `named` to loop...

3 affected packages

bind9, bind9-libs, isc-dhcp

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
bind9 Fixed Fixed Fixed Not affected Not affected
bind9-libs Not in release Not affected Not affected Not in release Not in release
isc-dhcp Not affected Not affected Not affected Needs evaluation Not affected
Show less packages

CVE-2023-2828

Medium priority

Some fixes available 10 of 18

Every `named` instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can...

3 affected packages

bind9, bind9-libs, isc-dhcp

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
bind9 Fixed Fixed Fixed Fixed Fixed
bind9-libs Not in release Needs evaluation Needs evaluation Not in release Not in release
isc-dhcp Needs evaluation Not affected Not affected Needs evaluation Not affected
Show less packages

CVE-2022-2795

Medium priority

Some fixes available 10 of 17

By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver’s performance, effectively denying legitimate clients access to the DNS resolution service.

3 affected packages

bind9, bind9-libs, isc-dhcp

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
bind9 Fixed Fixed Fixed Fixed Fixed
bind9-libs Not in release Needs evaluation Needs evaluation Not in release Not in release
isc-dhcp Vulnerable Not affected Not affected Not affected Not affected
Show less packages