USN-6633-1

Source
https://ubuntu.com/security/notices/USN-6633-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6633-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-6633-1
Related
Published
2024-02-13T15:30:25.055538Z
Modified
2024-02-13T15:30:25.055538Z
Summary
bind9 vulnerabilities
Details

Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled parsing large DNS messages. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. (CVE-2023-4408)

Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Bind icorrectly handled validating DNSSEC messages. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. (CVE-2023-50387)

It was discovered that Bind incorrectly handled preparing an NSEC3 closest encloser proof. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. (CVE-2023-50868)

It was discovered that Bind incorrectly handled reverse zone queries when nxdomain-redirect is enabled. A remote attacker could possibly use this issue to cause Bind to crash, leading to a denial of service. (CVE-2023-5517)

It was discovered that Bind incorrectly handled recursive resolution when both DNS64 and serve-stable were enabled. A remote attacker could possibly use this issue to cause Bind to crash, leading to a denial of service. (CVE-2023-5679)

References

Affected packages

Ubuntu:22.04:LTS / bind9

Package

Name
bind9
Purl
pkg:deb/ubuntu/bind9?arch=src?distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:9.18.18-0ubuntu0.22.04.2

Affected versions

1:9.*

1:9.16.15-1ubuntu1
1:9.16.15-1ubuntu2
1:9.16.15-1ubuntu3
1:9.18.0-2ubuntu1
1:9.18.0-2ubuntu2
1:9.18.0-2ubuntu3
1:9.18.1-1ubuntu1
1:9.18.1-1ubuntu1.1
1:9.18.1-1ubuntu1.2
1:9.18.1-1ubuntu1.3
1:9.18.12-0ubuntu0.22.04.1
1:9.18.12-0ubuntu0.22.04.2
1:9.18.12-0ubuntu0.22.04.3
1:9.18.18-0ubuntu0.22.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "1:9.18.18-0ubuntu0.22.04.2",
            "binary_name": "bind9"
        },
        {
            "binary_version": "1:9.18.18-0ubuntu0.22.04.2",
            "binary_name": "bind9-dbgsym"
        },
        {
            "binary_version": "1:9.18.18-0ubuntu0.22.04.2",
            "binary_name": "bind9-dev"
        },
        {
            "binary_version": "1:9.18.18-0ubuntu0.22.04.2",
            "binary_name": "bind9-dnsutils"
        },
        {
            "binary_version": "1:9.18.18-0ubuntu0.22.04.2",
            "binary_name": "bind9-dnsutils-dbgsym"
        },
        {
            "binary_version": "1:9.18.18-0ubuntu0.22.04.2",
            "binary_name": "bind9-doc"
        },
        {
            "binary_version": "1:9.18.18-0ubuntu0.22.04.2",
            "binary_name": "bind9-host"
        },
        {
            "binary_version": "1:9.18.18-0ubuntu0.22.04.2",
            "binary_name": "bind9-host-dbgsym"
        },
        {
            "binary_version": "1:9.18.18-0ubuntu0.22.04.2",
            "binary_name": "bind9-libs"
        },
        {
            "binary_version": "1:9.18.18-0ubuntu0.22.04.2",
            "binary_name": "bind9-libs-dbgsym"
        },
        {
            "binary_version": "1:9.18.18-0ubuntu0.22.04.2",
            "binary_name": "bind9-utils"
        },
        {
            "binary_version": "1:9.18.18-0ubuntu0.22.04.2",
            "binary_name": "bind9-utils-dbgsym"
        },
        {
            "binary_version": "1:9.18.18-0ubuntu0.22.04.2",
            "binary_name": "bind9utils"
        },
        {
            "binary_version": "1:9.18.18-0ubuntu0.22.04.2",
            "binary_name": "dnsutils"
        }
    ]
}

Ubuntu:23.10 / bind9

Package

Name
bind9
Purl
pkg:deb/ubuntu/bind9?arch=src?distro=mantic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:9.18.18-0ubuntu2.1

Affected versions

1:9.*

1:9.18.12-1ubuntu1
1:9.18.16-1ubuntu1
1:9.18.16-1ubuntu3
1:9.18.16-1ubuntu4
1:9.18.18-0ubuntu1
1:9.18.18-0ubuntu2

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "1:9.18.18-0ubuntu2.1",
            "binary_name": "bind9"
        },
        {
            "binary_version": "1:9.18.18-0ubuntu2.1",
            "binary_name": "bind9-dbgsym"
        },
        {
            "binary_version": "1:9.18.18-0ubuntu2.1",
            "binary_name": "bind9-dev"
        },
        {
            "binary_version": "1:9.18.18-0ubuntu2.1",
            "binary_name": "bind9-dnsutils"
        },
        {
            "binary_version": "1:9.18.18-0ubuntu2.1",
            "binary_name": "bind9-dnsutils-dbgsym"
        },
        {
            "binary_version": "1:9.18.18-0ubuntu2.1",
            "binary_name": "bind9-doc"
        },
        {
            "binary_version": "1:9.18.18-0ubuntu2.1",
            "binary_name": "bind9-host"
        },
        {
            "binary_version": "1:9.18.18-0ubuntu2.1",
            "binary_name": "bind9-host-dbgsym"
        },
        {
            "binary_version": "1:9.18.18-0ubuntu2.1",
            "binary_name": "bind9-libs"
        },
        {
            "binary_version": "1:9.18.18-0ubuntu2.1",
            "binary_name": "bind9-libs-dbgsym"
        },
        {
            "binary_version": "1:9.18.18-0ubuntu2.1",
            "binary_name": "bind9-utils"
        },
        {
            "binary_version": "1:9.18.18-0ubuntu2.1",
            "binary_name": "bind9-utils-dbgsym"
        },
        {
            "binary_version": "1:9.18.18-0ubuntu2.1",
            "binary_name": "bind9utils"
        },
        {
            "binary_version": "1:9.18.18-0ubuntu2.1",
            "binary_name": "dnsutils"
        }
    ]
}