CVE-2016-8864

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2016-8864

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-8864.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2016-8864

Downstream

ALPINE-CVE-2016-8864

DEBIAN-CVE-2016-8864

DLA-696-1

DSA-3703-1

RHSA-2016:2141

RHSA-2016:2142

RHSA-2016:2615

RHSA-2016:2871

RHSA-2017:1583

SUSE-SU-2016:2696-1

SUSE-SU-2016:2697-1

SUSE-SU-2016:2697-2

SUSE-SU-2016:2706-1

UBUNTU-CVE-2016-8864

USN-3119-1

openSUSE-SU-2024:10467-1

Related

Published

2016-11-02T17:59:00Z

Modified

2025-10-15T04:34:01Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record in the answer section of a response to a recursive query, related to db.c and resolver.c.

References

Affected packages

Git / github.com/isc-projects/bind9

Affected ranges

Type: GIT
Repo: https://github.com/isc-projects/bind9
Events: Introduced

63fbb3ea39094353765c04a6066b9e1d1013992a

Fixed

a5e4938f2d3c9d89b3fda65bc2fe6755ecfeea72

Type: GIT
Repo: https://gitlab.isc.org/isc-projects/bind9
Events: Introduced

19d6c56085e97cf4ac559cdc27edd624127bcb32

Fixed

b7843f9794be456c53d7dc0b51ead89f2c5d3351