CVE-2023-2828
Severity
7.5 HIGH
EPSS
0.9%
top 24.83%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published: Jun 21
Latest update: Jul 18
Description
Every `named` instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the `max-cache-size` statement in the configuration file; it defaults to 90% of the total amount of memory available on the host. When the size of the cache reaches 7/8 of the configured limit, a cache-cleaning algorithm starts to remove expired and/or least-re…
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 | Impact: 3.6
Affected Packages
4 packages
Also affects: Debian Linux 10.0, 11.0, 12.0, Fedora 37, 38
Patches
Vulnerability Details (6)
OSV
CVE-2023-2828: Every `named` instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent (2023-06-21)
GHSA
GHSA-v668-ccv8-m5gx: Every `named` instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent (2023-06-21)
Vendor Advisories (5)
Debian
CVE-2023-2828: bind9 - Every `named` instance configured to run as a recursive resolver maintains a cac... (2023)