CVE-2020-8623: In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that…

high7.5CVSS 3.1

AVNACLPRNUINSUCNINAH

In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: * be running BIND that was built with "--enable-native-pkcs11" * be signing one or more zones with an RSA key * be able to receive queries from a possible attacker

Affected

31 ranges· showing 25

Vendor	Product	Version range	Fixed in
canonical	ubuntu_linux	—	—
canonical	ubuntu_linux	—	—
canonical	ubuntu_linux	—	—
debian	bind9	< bind9 1:9.16.6-1 (bookworm)	bind9 1:9.16.6-1 (bookworm)
debian	debian_linux	—	—
debian	debian_linux	—	—
fedoraproject	fedora	—	—
fedoraproject	fedora	—	—
isc	bind	—	—
isc	bind	—	—
isc	bind	9.10.0 – 9.11.21	—
isc	bind	9.12.1 – 9.16.5	—
isc	bind	9.17.0 – 9.17.3	—
isc	bind9	>= 0 < 1:9.16.6-1	1:9.16.6-1
isc	bind9	>= 0 < 1:9.16.6-1	1:9.16.6-1
isc	bind9	>= 0 < 1:9.16.6-1	1:9.16.6-1
isc	bind9	>= 0 < 1:9.16.6-1	1:9.16.6-1
isc	bind9	>= 0 < 1:9.10.3.dfsg.P4-8ubuntu1.17	1:9.10.3.dfsg.P4-8ubuntu1.17
isc	bind9	>= 0 < 1:9.11.3+dfsg-1ubuntu1.13	1:9.11.3+dfsg-1ubuntu1.13
isc	bind9	>= 0 < 1:9.16.1-0ubuntu2.3	1:9.16.1-0ubuntu2.3
isc	bind9	>= 9.10.0 < unspecified	unspecified
isc	bind9	>= 9.10.5-S1 < Supported Preview*	Supported Preview*
isc	bind9	>= 9.12.0 < unspecified	unspecified
isc	bind9	>= 9.17.0 < unspecified	unspecified
isc	bind9	>= unspecified < 9.11.22	9.11.22

CVSS provenance

nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

osv7.5HIGH