CVE-2020-8623

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2020-8623
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-8623.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2020-8623
Downstream
Related
Published
2020-08-21T21:15:12.327Z
Modified
2026-04-11T12:35:11.067650Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: * be running BIND that was built with "--enable-native-pkcs11" * be signing one or more zones with an RSA key * be able to receive queries from a possible attacker

Database specific 
{
    "unresolved_ranges": [
        {
            "cpe": "cpe:2.3:a:isc:bind:9.11.21:s1:*:*:supported_preview:*:*:*",
            "source": "CPE_FIELD",
            "extracted_events": [
                {
                    "last_affected": "9.11.21-s1"
                }
            ]
        },
        {
            "cpe": "cpe:2.3:a:synology:dns_server:*:*:*:*:*:*:*:*",
            "source": "CPE_FIELD",
            "extracted_events": [
                {
                    "fixed": "2.2.2-5027"
                }
            ]
        },
        {
            "cpe": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
            "source": "CPE_FIELD",
            "extracted_events": [
                {
                    "last_affected": "16.04"
                }
            ]
        },
        {
            "cpe": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
            "source": "CPE_FIELD",
            "extracted_events": [
                {
                    "last_affected": "18.04"
                }
            ]
        },
        {
            "cpe": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
            "source": "CPE_FIELD",
            "extracted_events": [
                {
                    "last_affected": "20.04"
                }
            ]
        },
        {
            "cpe": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
            "source": "CPE_FIELD",
            "extracted_events": [
                {
                    "last_affected": "10.0"
                }
            ]
        },
        {
            "cpe": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
            "source": "CPE_FIELD",
            "extracted_events": [
                {
                    "last_affected": "31"
                }
            ]
        },
        {
            "cpe": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
            "source": "CPE_FIELD",
            "extracted_events": [
                {
                    "last_affected": "32"
                }
            ]
        },
        {
            "cpe": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
            "source": "CPE_FIELD",
            "extracted_events": [
                {
                    "last_affected": "15.1"
                }
            ]
        },
        {
            "cpe": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*",
            "source": "CPE_FIELD",
            "extracted_events": [
                {
                    "last_affected": "15.2"
                }
            ]
        }
    ]
}
References

Affected packages

Git / gitlab.isc.org/isc-projects/bind9

Affected ranges

Type
GIT
Repo
https://gitlab.isc.org/isc-projects/bind9
Events
Introduced
63fbb3ea39094353765c04a6066b9e1d1013992a
Last affected
4ce7edb5801e41d14b0da003d97f81b0d73424c9
Introduced
b2307b25465c16d37ff6de22438a2d214287417c
Last affected
c00b4586ab21960bc2b13989f77ea8465e989187
Introduced
04ca7cc4b6993f47ea61852c759d047c83be7b3f
Last affected
079e9baebe7d2b42610b9d7bdc0f8a5f78bbe2d5
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
341e64a2de908ceec50ed46d243bf3402342735c
Last affected
19d6c56085e97cf4ac559cdc27edd624127bcb32
Database specific 
{
    "cpe": [
        "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
        "cpe:2.3:a:isc:bind:9.10.5:s1:*:*:supported_preview:*:*:*",
        "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"
    ],
    "source": "CPE_FIELD",
    "extracted_events": [
        {
            "introduced": "9.10.0"
        },
        {
            "last_affected": "9.11.21"
        },
        {
            "introduced": "9.12.1"
        },
        {
            "last_affected": "9.16.5"
        },
        {
            "introduced": "9.17.0"
        },
        {
            "last_affected": "9.17.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "9.10.5-s1"
        },
        {
            "last_affected": "9.0"
        }
    ]
}

Affected versions

v9.*
v9.0.0
v9.10.0a1
v9.10.0a2
v9.10.0b1
v9.10.0b2
v9.10.0rc1
v9.10.0rc2
v9.10.1
v9.10.1b1
v9.10.1b2
v9.10.1rc1
v9.10.1rc2
v9.10.2
v9.10.2b1
v9.10.2rc1
v9.10.2rc2
v9.10.3
v9.10.3b1
v9.10.3rc1
v9.10.4
v9.10.4b1
v9.10.4b2
v9.10.4b3
v9.10.4rc1
v9.10.5b1
v9.11.0
v9.11.0a1
v9.11.0a2
v9.11.0a3
v9.11.0b1
v9.11.0b2
v9.11.0b3
v9.11.0rc1
v9.11.0rc2
v9.11.0rc3
v9.11.1
v9.11.11
v9.11.14
v9.11.16
v9.11.1b1
v9.11.1rc1
v9.11.1rc2
v9.11.1rc3
v9.11.21
v9.11.2b1
v9.11.2rc1
v9.11.3b1
v9.11.3rc1
v9.11.4
v9.11.4rc2
v9.11.6
v9.11.6rc1
v9.11.7
v9.11.9
v9.12.0a1
v9.12.0b1
v9.12.0b2
v9.12.0rc1
v9.13.0
v9.13.2
v9.13.3
v9.13.4
v9.13.5
v9.13.6
v9.15.0
v9.15.2
v9.15.3
v9.15.4
v9.15.7
v9.15.8
v9.16.0
v9.16.5
v9.17.3
v9.5.0a1
v9.5.0a2
v9.5.0a3
v9.5.0a4
v9.5.0a5
v9.5.0a6
v9.7.0a1

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-8623.json"