CVE-2023-5680

CWE-400 — Uncontrolled Resource Consumption7 documents7 sources

Severity

5.3MEDIUM

EPSS

0.1%

top 71.49%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

ISC Bind 9 ISC Bind

Timeline

PublishedFeb 13

Description

If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance. This issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages3 packages

▶Alpinebind< 9.16.48-r0+7

▶CVEListV5isc/bind_99.11.3-S1 — 9.11.37-S1+2

▶NVDisc/bind24 versions+23

🔴Vulnerability Details

CVEList

Cleaning an ECS-enabled cache may cause excessive CPU load↗2024-02-13

▶

GHSA

GHSA-m868-f948-vvjc: If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can↗2024-02-13

▶

OSV

CVE-2023-5680: If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can↗2024-02-13

▶

📋Vendor Advisories

Red Hat

bind9: Cleaning an ECS-enabled cache may cause excessive CPU load↗2024-02-13

▶

Microsoft

Cleaning an ECS-enabled cache may cause excessive CPU load↗2024-02-13

▶

Debian

CVE-2023-5680: bind9 - If a resolver cache has a very large number of ECS records stored for the same n...↗2023

▶