AZL-34351

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-34351.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-34351

Upstream

CVE-2023-5679

Published

2024-02-13T14:15:45Z

Modified

2026-04-01T05:11:26.137886Z

Summary

CVE-2023-5679 affecting package bind for versions less than 9.16.48-1

Details

A bad interaction between DNS64 and serve-stale may cause named to crash with an assertion failure during recursive resolution, when both of these features are enabled. This issue affects BIND 9 versions 9.16.12 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.16.12-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.

References

https://nvd.nist.gov/vuln/detail/CVE-2023-5679

Affected packages

Azure Linux:2 / bind

Package

Name: bind
Purl: pkg:rpm/azure-linux/bind

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

9.16.48-1

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-34351.json"