CVE-2023-4408

Source
https://cve.org/CVERecord?id=CVE-2023-4408
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-4408.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-4408
Downstream
Related
Published
2024-02-13T14:15:45.253Z
Modified
2026-07-07T08:52:41.294769353Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting this flaw. This issue affects both authoritative servers and recursive resolvers. This issue affects BIND 9 versions 9.0.0 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.

Database specific
{
    "unresolved_ranges": [
        {
            "vendor_product": "fedoraproject:fedora",
            "extracted_events": [
                {
                    "introduced": "38"
                },
                {
                    "last_affected": "38"
                },
                {
                    "introduced": "39"
                },
                {
                    "last_affected": "39"
                }
            ],
            "source": "CPE_STRING",
            "cpes": [
                "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
                "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*"
            ]
        },
        {
            "vendor_product": "isc:bind",
            "extracted_events": [
                {
                    "introduced": "9.16.8-s1"
                },
                {
                    "last_affected": "9.16.8-s1"
                },
                {
                    "introduced": "9.16.8-s1"
                },
                {
                    "last_affected": "9.16.8-s1"
                },
                {
                    "introduced": "9.16.11-s1"
                },
                {
                    "last_affected": "9.16.11-s1"
                },
                {
                    "introduced": "9.16.11-s1"
                },
                {
                    "last_affected": "9.16.11-s1"
                },
                {
                    "introduced": "9.16.12-s1"
                },
                {
                    "last_affected": "9.16.12-s1"
                },
                {
                    "introduced": "9.16.12-s1"
                },
                {
                    "last_affected": "9.16.12-s1"
                },
                {
                    "introduced": "9.16.13-s1"
                },
                {
                    "last_affected": "9.16.13-s1"
                },
                {
                    "introduced": "9.16.13-s1"
                },
                {
                    "last_affected": "9.16.13-s1"
                },
                {
                    "introduced": "9.16.14-s1"
                },
                {
                    "last_affected": "9.16.14-s1"
                },
                {
                    "introduced": "9.16.14-s1"
                },
                {
                    "last_affected": "9.16.14-s1"
                },
                {
                    "introduced": "9.16.21-s1"
                },
                {
                    "last_affected": "9.16.21-s1"
                },
                {
                    "introduced": "9.16.21-s1"
                },
                {
                    "last_affected": "9.16.21-s1"
                },
                {
                    "introduced": "9.16.32-s1"
                },
                {
                    "last_affected": "9.16.32-s1"
                },
                {
                    "introduced": "9.16.32-s1"
                },
                {
                    "last_affected": "9.16.32-s1"
                },
                {
                    "introduced": "9.16.36-s1"
                },
                {
                    "last_affected": "9.16.36-s1"
                },
                {
                    "introduced": "9.16.36-s1"
                },
                {
                    "last_affected": "9.16.36-s1"
                },
                {
                    "introduced": "9.16.43-s1"
                },
                {
                    "last_affected": "9.16.43-s1"
                },
                {
                    "introduced": "9.16.43-s1"
                },
                {
                    "last_affected": "9.16.43-s1"
                },
                {
                    "introduced": "9.18.0-s1"
                },
                {
                    "last_affected": "9.18.0-s1"
                },
                {
                    "introduced": "9.18.0-s1"
                },
                {
                    "last_affected": "9.18.0-s1"
                },
                {
                    "introduced": "9.18.11-s1"
                },
                {
                    "last_affected": "9.18.11-s1"
                },
                {
                    "introduced": "9.18.11-s1"
                },
                {
                    "last_affected": "9.18.11-s1"
                },
                {
                    "introduced": "9.18.18-s1"
                },
                {
                    "last_affected": "9.18.18-s1"
                },
                {
                    "introduced": "9.18.18-s1"
                },
                {
                    "last_affected": "9.18.18-s1"
                }
            ],
            "cpes": [
                "cpe:2.3:a:isc:bind:9.16.11:s1:*:*:supported_preview:*:*:*",
                "cpe:2.3:a:isc:bind:9.16.12:s1:*:*:supported_preview:*:*:*",
                "cpe:2.3:a:isc:bind:9.16.13:s1:*:*:supported_preview:*:*:*",
                "cpe:2.3:a:isc:bind:9.16.14:s1:*:*:supported_preview:*:*:*",
                "cpe:2.3:a:isc:bind:9.16.21:s1:*:*:supported_preview:*:*:*",
                "cpe:2.3:a:isc:bind:9.16.32:s1:*:*:supported_preview:*:*:*",
                "cpe:2.3:a:isc:bind:9.16.36:s1:*:*:supported_preview:*:*:*",
                "cpe:2.3:a:isc:bind:9.16.43:s1:*:*:supported_preview:*:*:*",
                "cpe:2.3:a:isc:bind:9.16.8:s1:*:*:supported_preview:*:*:*",
                "cpe:2.3:a:isc:bind:9.18.0:s1:*:*:supported_preview:*:*:*",
                "cpe:2.3:a:isc:bind:9.18.11:s1:*:*:supported_preview:*:*:*",
                "cpe:2.3:a:isc:bind:9.18.18:s1:*:*:supported_preview:*:*:*"
            ],
            "source": "CPE_STRING"
        },
        {
            "vendor_product": "netapp:ontap",
            "extracted_events": [
                {
                    "introduced": "9.14.1"
                },
                {
                    "last_affected": "9.14.1"
                },
                {
                    "introduced": "9.15.1"
                },
                {
                    "last_affected": "9.15.1"
                }
            ],
            "source": "CPE_STRING",
            "cpes": [
                "cpe:2.3:a:netapp:ontap:9.14.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:netapp:ontap:9.15.1:*:*:*:*:*:*:*"
            ]
        }
    ]
}
References

Affected packages

Git / github.com/isc-projects/bind9

Affected ranges

Type
GIT
Repo
https://github.com/isc-projects/bind9
Events
Database specific
{
    "cpe": [
        "cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*",
        "cpe:2.3:a:isc:bind:9.9.3:s1:*:*:supported_preview:*:*:*"
    ],
    "source": [
        "CPE_RANGE",
        "CPE_STRING"
    ],
    "extracted_events": [
        {
            "introduced": "9.0.0"
        },
        {
            "last_affected": "9.16.45"
        },
        {
            "introduced": "9.18.0"
        },
        {
            "last_affected": "9.18.21"
        },
        {
            "introduced": "9.19.0"
        },
        {
            "last_affected": "9.19.19"
        },
        {
            "introduced": "9.9.3-s1"
        },
        {
            "last_affected": "9.9.3-s1"
        }
    ]
}

Affected versions

9.*
9.9.3-s1
v9.*
v9.18.0
v9.18.21
v9.19.0
v9.19.19
v9.9.3b1

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-4408.json"

Git / gitlab.isc.org/isc-projects/bind9

Affected ranges

Type
GIT
Repo
https://gitlab.isc.org/isc-projects/bind9
Events
Database specific
{
    "cpe": [
        "cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*",
        "cpe:2.3:a:isc:bind:9.9.3:s1:*:*:supported_preview:*:*:*"
    ],
    "source": [
        "CPE_RANGE",
        "CPE_STRING"
    ],
    "extracted_events": [
        {
            "introduced": "9.0.0"
        },
        {
            "last_affected": "9.16.45"
        },
        {
            "introduced": "9.18.0"
        },
        {
            "last_affected": "9.18.21"
        },
        {
            "introduced": "9.19.0"
        },
        {
            "last_affected": "9.19.19"
        },
        {
            "introduced": "9.9.3-s1"
        },
        {
            "last_affected": "9.9.3-s1"
        }
    ]
}

Affected versions

9.*
9.9.3-s1
v9.*
v9.18.0
v9.18.21
v9.19.0
v9.19.19
v9.9.3b1

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-4408.json"