CVE-2024-0760

CWE-770Allocation without LimitsCWE-400Uncontrolled Resource Consumption10 documents8 sources
Severity
7.5HIGH
EPSS
16.7%
top 5.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
ISC Bind 9
Timeline
PublishedJul 23

Description

A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. This issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0 through 9.19.24, and 9.18.11-S1 through 9.18.27-S1.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages4 packages

Alpinebind< 9.18.31-r0+6
Debianbind9< 1:9.18.28-1~deb12u1+2
Ubuntubind9< 1:9.18.28-0ubuntu0.20.04.1+2
CVEListV5isc/bind_99.18.19.18.27+2

🔴Vulnerability Details

5
CVEList
A flood of DNS messages over TCP may make the server unstable2024-07-23
OSV
CVE-2024-0760: A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress2024-07-23
OSV
bind9 vulnerabilities2024-07-23
GHSA
GHSA-v3r3-642v-rqj8: A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress2024-07-23
OSV
CVE-2024-0760: A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress2024-07-23

📋Vendor Advisories

4
Ubuntu
Bind vulnerabilities2024-07-23
Red Hat
bind: bind9: A flood of DNS messages over TCP may make the server unstable2024-07-23
Microsoft
A flood of DNS messages over TCP may make the server unstable2024-07-09
Debian
CVE-2024-0760: bind9 - A malicious client can send many DNS messages over TCP, potentially causing the ...2024