Severity Level: High
Title:
Multiple vulnerabilities in BIND 9 DNS software
Timestamp:
Friday July 26, 2024
Summary:
there are Multiple vulnerabilities in BIND 9 DNS software could be exploited for denial-of-service (DoS) attacks
CVE-2024-4076: Logic error leading to assertion failure (CVSS 7.5).
• CVE-2024-1975: Excessive CPU load during DNS message validation (CVSS 7.5).
• CVE-2024-1737: Potential for large resource record types causing slow database processing (CVSS 7.5).
• CVE-2024-0760: Malicious TCP queries causing server response issues (CVSS 7.5).
Impact of Vulnerabilities: • Server Termination: Exploitation may lead to unexpected termination of server instances. • Resource Depletion: Significant depletion of available CPU resources.
• Query Processing: Slowed down query processing by up to 100 times, leading to unresponsiveness
Patch Releases: • Patches issued in BIND 9 versions 9.18.28, 9.20.0, and 9.18.28-S1 to address these vulnerabilities.
Recommendations:
recommends to install the patched versions at the earliest
References:
For references :
Click here