Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols and provides an openly redistributable reference implementation of the major components of the Domain Name System. This package includes the components to operate a DNS server.
Security Fix(es):
The code that processes control channel messages sent to named
calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory, causing named
to terminate unexpectedly. Since each incoming control channel message is fully parsed before its contents are authenticated, exploiting this flaw does not require the attacker to hold a valid RNDC key; only network access to the control channel's configured TCP port is necessary.
This issue affects BIND 9 versions 9.2.0 through 9.16.43, 9.18.0 through 9.18.18, 9.19.0 through 9.19.16, 9.9.3-S1 through 9.16.43-S1, and 9.18.0-S1 through 9.18.18-S1.(CVE-2023-3341)
{ "severity": "High" }
{ "noarch": [ "python3-bind-9.11.21-18.oe1.noarch.rpm" ], "aarch64": [ "bind-debugsource-9.11.21-18.oe1.aarch64.rpm", "bind-export-devel-9.11.21-18.oe1.aarch64.rpm", "bind-libs-9.11.21-18.oe1.aarch64.rpm", "bind-utils-9.11.21-18.oe1.aarch64.rpm", "bind-pkcs11-9.11.21-18.oe1.aarch64.rpm", "bind-export-libs-9.11.21-18.oe1.aarch64.rpm", "bind-devel-9.11.21-18.oe1.aarch64.rpm", "bind-chroot-9.11.21-18.oe1.aarch64.rpm", "bind-debuginfo-9.11.21-18.oe1.aarch64.rpm", "bind-pkcs11-devel-9.11.21-18.oe1.aarch64.rpm", "bind-9.11.21-18.oe1.aarch64.rpm", "bind-libs-lite-9.11.21-18.oe1.aarch64.rpm" ], "x86_64": [ "bind-pkcs11-devel-9.11.21-18.oe1.x86_64.rpm", "bind-libs-lite-9.11.21-18.oe1.x86_64.rpm", "bind-debugsource-9.11.21-18.oe1.x86_64.rpm", "bind-chroot-9.11.21-18.oe1.x86_64.rpm", "bind-utils-9.11.21-18.oe1.x86_64.rpm", "bind-libs-9.11.21-18.oe1.x86_64.rpm", "bind-debuginfo-9.11.21-18.oe1.x86_64.rpm", "bind-devel-9.11.21-18.oe1.x86_64.rpm", "bind-9.11.21-18.oe1.x86_64.rpm", "bind-export-libs-9.11.21-18.oe1.x86_64.rpm", "bind-pkcs11-9.11.21-18.oe1.x86_64.rpm", "bind-export-devel-9.11.21-18.oe1.x86_64.rpm" ], "src": [ "bind-9.11.21-18.oe1.src.rpm" ] }
{ "noarch": [ "python3-bind-9.11.21-18.oe1.noarch.rpm" ], "aarch64": [ "bind-pkcs11-devel-9.11.21-18.oe1.aarch64.rpm", "bind-pkcs11-9.11.21-18.oe1.aarch64.rpm", "bind-9.11.21-18.oe1.aarch64.rpm", "bind-libs-9.11.21-18.oe1.aarch64.rpm", "bind-export-devel-9.11.21-18.oe1.aarch64.rpm", "bind-debuginfo-9.11.21-18.oe1.aarch64.rpm", "bind-libs-lite-9.11.21-18.oe1.aarch64.rpm", "bind-utils-9.11.21-18.oe1.aarch64.rpm", "bind-devel-9.11.21-18.oe1.aarch64.rpm", "bind-export-libs-9.11.21-18.oe1.aarch64.rpm", "bind-chroot-9.11.21-18.oe1.aarch64.rpm", "bind-debugsource-9.11.21-18.oe1.aarch64.rpm" ], "x86_64": [ "bind-chroot-9.11.21-18.oe1.x86_64.rpm", "bind-debuginfo-9.11.21-18.oe1.x86_64.rpm", "bind-pkcs11-devel-9.11.21-18.oe1.x86_64.rpm", "bind-devel-9.11.21-18.oe1.x86_64.rpm", "bind-export-libs-9.11.21-18.oe1.x86_64.rpm", "bind-pkcs11-9.11.21-18.oe1.x86_64.rpm", "bind-9.11.21-18.oe1.x86_64.rpm", "bind-debugsource-9.11.21-18.oe1.x86_64.rpm", "bind-export-devel-9.11.21-18.oe1.x86_64.rpm", "bind-utils-9.11.21-18.oe1.x86_64.rpm", "bind-libs-9.11.21-18.oe1.x86_64.rpm", "bind-libs-lite-9.11.21-18.oe1.x86_64.rpm" ], "src": [ "bind-9.11.21-18.oe1.src.rpm" ] }
{ "noarch": [ "bind-dnssec-doc-9.16.23-20.oe2203.noarch.rpm", "bind-license-9.16.23-20.oe2203.noarch.rpm", "python3-bind-9.16.23-20.oe2203.noarch.rpm", "bind-dnssec-doc-9.16.23-20.oe2203sp1.noarch.rpm", "bind-license-9.16.23-20.oe2203sp1.noarch.rpm", "python3-bind-9.16.23-20.oe2203sp1.noarch.rpm", "bind-dnssec-doc-9.16.23-20.oe2203sp2.noarch.rpm", "python3-bind-9.16.23-20.oe2203sp2.noarch.rpm", "bind-license-9.16.23-20.oe2203sp2.noarch.rpm" ], "aarch64": [ "bind-debugsource-9.16.23-20.oe2203.aarch64.rpm", "bind-pkcs11-utils-9.16.23-20.oe2203.aarch64.rpm", "bind-debuginfo-9.16.23-20.oe2203.aarch64.rpm", "bind-utils-9.16.23-20.oe2203.aarch64.rpm", "bind-9.16.23-20.oe2203.aarch64.rpm", "bind-devel-9.16.23-20.oe2203.aarch64.rpm", "bind-pkcs11-devel-9.16.23-20.oe2203.aarch64.rpm", "bind-dnssec-utils-9.16.23-20.oe2203.aarch64.rpm", "bind-chroot-9.16.23-20.oe2203.aarch64.rpm", "bind-pkcs11-libs-9.16.23-20.oe2203.aarch64.rpm", "bind-pkcs11-9.16.23-20.oe2203.aarch64.rpm", "bind-libs-9.16.23-20.oe2203.aarch64.rpm", "bind-pkcs11-libs-9.16.23-20.oe2203sp1.aarch64.rpm", "bind-devel-9.16.23-20.oe2203sp1.aarch64.rpm", "bind-chroot-9.16.23-20.oe2203sp1.aarch64.rpm", "bind-dnssec-utils-9.16.23-20.oe2203sp1.aarch64.rpm", "bind-debuginfo-9.16.23-20.oe2203sp1.aarch64.rpm", "bind-libs-9.16.23-20.oe2203sp1.aarch64.rpm", "bind-pkcs11-utils-9.16.23-20.oe2203sp1.aarch64.rpm", "bind-9.16.23-20.oe2203sp1.aarch64.rpm", "bind-utils-9.16.23-20.oe2203sp1.aarch64.rpm", "bind-pkcs11-devel-9.16.23-20.oe2203sp1.aarch64.rpm", "bind-debugsource-9.16.23-20.oe2203sp1.aarch64.rpm", "bind-pkcs11-9.16.23-20.oe2203sp1.aarch64.rpm", "bind-9.16.23-20.oe2203sp2.aarch64.rpm", "bind-dnssec-utils-9.16.23-20.oe2203sp2.aarch64.rpm", "bind-debuginfo-9.16.23-20.oe2203sp2.aarch64.rpm", "bind-debugsource-9.16.23-20.oe2203sp2.aarch64.rpm", "bind-pkcs11-utils-9.16.23-20.oe2203sp2.aarch64.rpm", "bind-utils-9.16.23-20.oe2203sp2.aarch64.rpm", "bind-pkcs11-libs-9.16.23-20.oe2203sp2.aarch64.rpm", "bind-chroot-9.16.23-20.oe2203sp2.aarch64.rpm", "bind-libs-9.16.23-20.oe2203sp2.aarch64.rpm", "bind-pkcs11-devel-9.16.23-20.oe2203sp2.aarch64.rpm", "bind-devel-9.16.23-20.oe2203sp2.aarch64.rpm", "bind-pkcs11-9.16.23-20.oe2203sp2.aarch64.rpm" ], "x86_64": [ "bind-pkcs11-utils-9.16.23-20.oe2203.x86_64.rpm", "bind-libs-9.16.23-20.oe2203.x86_64.rpm", "bind-pkcs11-9.16.23-20.oe2203.x86_64.rpm", "bind-dnssec-utils-9.16.23-20.oe2203.x86_64.rpm", "bind-devel-9.16.23-20.oe2203.x86_64.rpm", "bind-pkcs11-devel-9.16.23-20.oe2203.x86_64.rpm", "bind-chroot-9.16.23-20.oe2203.x86_64.rpm", "bind-9.16.23-20.oe2203.x86_64.rpm", "bind-debugsource-9.16.23-20.oe2203.x86_64.rpm", "bind-debuginfo-9.16.23-20.oe2203.x86_64.rpm", "bind-pkcs11-libs-9.16.23-20.oe2203.x86_64.rpm", "bind-utils-9.16.23-20.oe2203.x86_64.rpm", "bind-9.16.23-20.oe2203sp1.x86_64.rpm", "bind-utils-9.16.23-20.oe2203sp1.x86_64.rpm", "bind-libs-9.16.23-20.oe2203sp1.x86_64.rpm", "bind-debugsource-9.16.23-20.oe2203sp1.x86_64.rpm", "bind-dnssec-utils-9.16.23-20.oe2203sp1.x86_64.rpm", "bind-devel-9.16.23-20.oe2203sp1.x86_64.rpm", "bind-pkcs11-9.16.23-20.oe2203sp1.x86_64.rpm", "bind-pkcs11-devel-9.16.23-20.oe2203sp1.x86_64.rpm", "bind-pkcs11-libs-9.16.23-20.oe2203sp1.x86_64.rpm", "bind-pkcs11-utils-9.16.23-20.oe2203sp1.x86_64.rpm", "bind-debuginfo-9.16.23-20.oe2203sp1.x86_64.rpm", "bind-chroot-9.16.23-20.oe2203sp1.x86_64.rpm", "bind-pkcs11-libs-9.16.23-20.oe2203sp2.x86_64.rpm", "bind-utils-9.16.23-20.oe2203sp2.x86_64.rpm", "bind-devel-9.16.23-20.oe2203sp2.x86_64.rpm", "bind-dnssec-utils-9.16.23-20.oe2203sp2.x86_64.rpm", "bind-pkcs11-utils-9.16.23-20.oe2203sp2.x86_64.rpm", "bind-debugsource-9.16.23-20.oe2203sp2.x86_64.rpm", "bind-pkcs11-devel-9.16.23-20.oe2203sp2.x86_64.rpm", "bind-chroot-9.16.23-20.oe2203sp2.x86_64.rpm", "bind-libs-9.16.23-20.oe2203sp2.x86_64.rpm", "bind-pkcs11-9.16.23-20.oe2203sp2.x86_64.rpm", "bind-9.16.23-20.oe2203sp2.x86_64.rpm", "bind-debuginfo-9.16.23-20.oe2203sp2.x86_64.rpm" ], "src": [ "bind-9.16.23-20.oe2203.src.rpm", "bind-9.16.23-20.oe2203sp1.src.rpm", "bind-9.16.23-20.oe2203sp2.src.rpm" ] }
{ "noarch": [ "bind-dnssec-doc-9.16.23-20.oe2203sp1.noarch.rpm", "bind-license-9.16.23-20.oe2203sp1.noarch.rpm", "python3-bind-9.16.23-20.oe2203sp1.noarch.rpm" ], "aarch64": [ "bind-pkcs11-libs-9.16.23-20.oe2203sp1.aarch64.rpm", "bind-devel-9.16.23-20.oe2203sp1.aarch64.rpm", "bind-chroot-9.16.23-20.oe2203sp1.aarch64.rpm", "bind-dnssec-utils-9.16.23-20.oe2203sp1.aarch64.rpm", "bind-debuginfo-9.16.23-20.oe2203sp1.aarch64.rpm", "bind-libs-9.16.23-20.oe2203sp1.aarch64.rpm", "bind-pkcs11-utils-9.16.23-20.oe2203sp1.aarch64.rpm", "bind-9.16.23-20.oe2203sp1.aarch64.rpm", "bind-utils-9.16.23-20.oe2203sp1.aarch64.rpm", "bind-pkcs11-devel-9.16.23-20.oe2203sp1.aarch64.rpm", "bind-debugsource-9.16.23-20.oe2203sp1.aarch64.rpm", "bind-pkcs11-9.16.23-20.oe2203sp1.aarch64.rpm" ], "x86_64": [ "bind-9.16.23-20.oe2203sp1.x86_64.rpm", "bind-utils-9.16.23-20.oe2203sp1.x86_64.rpm", "bind-libs-9.16.23-20.oe2203sp1.x86_64.rpm", "bind-debugsource-9.16.23-20.oe2203sp1.x86_64.rpm", "bind-dnssec-utils-9.16.23-20.oe2203sp1.x86_64.rpm", "bind-devel-9.16.23-20.oe2203sp1.x86_64.rpm", "bind-pkcs11-9.16.23-20.oe2203sp1.x86_64.rpm", "bind-pkcs11-devel-9.16.23-20.oe2203sp1.x86_64.rpm", "bind-pkcs11-libs-9.16.23-20.oe2203sp1.x86_64.rpm", "bind-pkcs11-utils-9.16.23-20.oe2203sp1.x86_64.rpm", "bind-debuginfo-9.16.23-20.oe2203sp1.x86_64.rpm", "bind-chroot-9.16.23-20.oe2203sp1.x86_64.rpm" ], "src": [ "bind-9.16.23-20.oe2203sp1.src.rpm" ] }
{ "noarch": [ "bind-dnssec-doc-9.16.23-20.oe2203sp2.noarch.rpm", "python3-bind-9.16.23-20.oe2203sp2.noarch.rpm", "bind-license-9.16.23-20.oe2203sp2.noarch.rpm" ], "aarch64": [ "bind-9.16.23-20.oe2203sp2.aarch64.rpm", "bind-dnssec-utils-9.16.23-20.oe2203sp2.aarch64.rpm", "bind-debuginfo-9.16.23-20.oe2203sp2.aarch64.rpm", "bind-debugsource-9.16.23-20.oe2203sp2.aarch64.rpm", "bind-pkcs11-utils-9.16.23-20.oe2203sp2.aarch64.rpm", "bind-utils-9.16.23-20.oe2203sp2.aarch64.rpm", "bind-pkcs11-libs-9.16.23-20.oe2203sp2.aarch64.rpm", "bind-chroot-9.16.23-20.oe2203sp2.aarch64.rpm", "bind-libs-9.16.23-20.oe2203sp2.aarch64.rpm", "bind-pkcs11-devel-9.16.23-20.oe2203sp2.aarch64.rpm", "bind-devel-9.16.23-20.oe2203sp2.aarch64.rpm", "bind-pkcs11-9.16.23-20.oe2203sp2.aarch64.rpm" ], "x86_64": [ "bind-pkcs11-libs-9.16.23-20.oe2203sp2.x86_64.rpm", "bind-utils-9.16.23-20.oe2203sp2.x86_64.rpm", "bind-devel-9.16.23-20.oe2203sp2.x86_64.rpm", "bind-dnssec-utils-9.16.23-20.oe2203sp2.x86_64.rpm", "bind-pkcs11-utils-9.16.23-20.oe2203sp2.x86_64.rpm", "bind-debugsource-9.16.23-20.oe2203sp2.x86_64.rpm", "bind-pkcs11-devel-9.16.23-20.oe2203sp2.x86_64.rpm", "bind-chroot-9.16.23-20.oe2203sp2.x86_64.rpm", "bind-libs-9.16.23-20.oe2203sp2.x86_64.rpm", "bind-pkcs11-9.16.23-20.oe2203sp2.x86_64.rpm", "bind-9.16.23-20.oe2203sp2.x86_64.rpm", "bind-debuginfo-9.16.23-20.oe2203sp2.x86_64.rpm" ], "src": [ "bind-9.16.23-20.oe2203sp2.src.rpm" ] }