UBUNTU-CVE-2020-8616

See a problem?

Source

https://ubuntu.com/security/notices/UBUNTU-CVE-2020-8616

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-8616.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2020-8616

Related

Published

2020-05-19T00:00:00Z

Modified

2020-05-19T00:00:00Z

Severity

8.6 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral. This has at least two potential effects: The performance of the recursing server can potentially be degraded by the additional work required to perform these fetches, and The attacker can exploit this behavior to use the recursing server as a reflector in a reflection attack with a high amplification factor.

References

Affected packages

Ubuntu:Pro:14.04:LTS / bind9

Package

Name: bind9
Purl: pkg:deb/ubuntu/bind9@1:9.9.5.dfsg-3ubuntu0.19+esm2?arch=src?distro=trusty/esm

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:9.9.5.dfsg-3ubuntu0.19+esm2

Affected versions

1:9.*

1:9.9.3.dfsg.P2-4ubuntu1

1:9.9.3.dfsg.P2-4ubuntu2

1:9.9.3.dfsg.P2-4ubuntu3

1:9.9.5.dfsg-2

1:9.9.5.dfsg-3

1:9.9.5.dfsg-3ubuntu0.1

1:9.9.5.dfsg-3ubuntu0.2

1:9.9.5.dfsg-3ubuntu0.3

1:9.9.5.dfsg-3ubuntu0.4

1:9.9.5.dfsg-3ubuntu0.5

1:9.9.5.dfsg-3ubuntu0.6

1:9.9.5.dfsg-3ubuntu0.7

1:9.9.5.dfsg-3ubuntu0.8

1:9.9.5.dfsg-3ubuntu0.9

1:9.9.5.dfsg-3ubuntu0.10

1:9.9.5.dfsg-3ubuntu0.11

1:9.9.5.dfsg-3ubuntu0.12

1:9.9.5.dfsg-3ubuntu0.13

1:9.9.5.dfsg-3ubuntu0.14

1:9.9.5.dfsg-3ubuntu0.15

1:9.9.5.dfsg-3ubuntu0.16

1:9.9.5.dfsg-3ubuntu0.17

1:9.9.5.dfsg-3ubuntu0.18

1:9.9.5.dfsg-3ubuntu0.19

1:9.9.5.dfsg-3ubuntu0.19+esm1

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "lwresd": "1:9.9.5.dfsg-3ubuntu0.19+esm2",
            "bind9utils": "1:9.9.5.dfsg-3ubuntu0.19+esm2",
            "bind9": "1:9.9.5.dfsg-3ubuntu0.19+esm2",
            "libbind-dev": "1:9.9.5.dfsg-3ubuntu0.19+esm2",
            "host": "1:9.9.5.dfsg-3ubuntu0.19+esm2",
            "bind9-doc": "1:9.9.5.dfsg-3ubuntu0.19+esm2",
            "liblwres90": "1:9.9.5.dfsg-3ubuntu0.19+esm2",
            "libisccfg90": "1:9.9.5.dfsg-3ubuntu0.19+esm2",
            "libisccc90": "1:9.9.5.dfsg-3ubuntu0.19+esm2",
            "libdns100": "1:9.9.5.dfsg-3ubuntu0.19+esm2",
            "libbind9-90": "1:9.9.5.dfsg-3ubuntu0.19+esm2",
            "bind9-host": "1:9.9.5.dfsg-3ubuntu0.19+esm2",
            "libisc95": "1:9.9.5.dfsg-3ubuntu0.19+esm2",
            "dnsutils": "1:9.9.5.dfsg-3ubuntu0.19+esm2"
        }
    ]
}

Ubuntu:16.04:LTS / bind9

Package

Name: bind9
Purl: pkg:deb/ubuntu/bind9@1:9.10.3.dfsg.P4-8ubuntu1.16?arch=src?distro=xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:9.10.3.dfsg.P4-8ubuntu1.16

Affected versions

1:9.*

1:9.9.5.dfsg-11ubuntu1

1:9.9.5.dfsg-12

1:9.9.5.dfsg-12.1

1:9.9.5.dfsg-12.1ubuntu1

1:9.10.3.dfsg.P2-4

1:9.10.3.dfsg.P2-5

1:9.10.3.dfsg.P4-3

1:9.10.3.dfsg.P4-4

1:9.10.3.dfsg.P4-5

1:9.10.3.dfsg.P4-8

1:9.10.3.dfsg.P4-8ubuntu1

1:9.10.3.dfsg.P4-8ubuntu1.1

1:9.10.3.dfsg.P4-8ubuntu1.2

1:9.10.3.dfsg.P4-8ubuntu1.3

1:9.10.3.dfsg.P4-8ubuntu1.4

1:9.10.3.dfsg.P4-8ubuntu1.5

1:9.10.3.dfsg.P4-8ubuntu1.6

1:9.10.3.dfsg.P4-8ubuntu1.7

1:9.10.3.dfsg.P4-8ubuntu1.8

1:9.10.3.dfsg.P4-8ubuntu1.9

1:9.10.3.dfsg.P4-8ubuntu1.10

1:9.10.3.dfsg.P4-8ubuntu1.11

1:9.10.3.dfsg.P4-8ubuntu1.12

1:9.10.3.dfsg.P4-8ubuntu1.14

1:9.10.3.dfsg.P4-8ubuntu1.15

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "bind9-host-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "lwresd": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "libisc-export160-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "libisccc-export140-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "libdns162": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "bind9utils": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "libisccc-export140-udeb-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "libirs-export141-udeb-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "bind9-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "libisc-export160-udeb-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "libbind9-140": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "libdns162-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "libisc-export160": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "bind9utils-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "libisccfg-export140-udeb": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "dnsutils": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "libisccfg140": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "libirs-export141": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "libdns-export162": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "liblwres141-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "dnsutils-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "libbind-export-dev": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "libdns-export162-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "libisccfg140-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "libisccfg-export140-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "liblwres141": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "libisc160-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "libisccc-export140": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "libirs-export141-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "libbind9-140-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "libdns-export162-udeb": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "libirs-export141-udeb": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "libisccc140-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "lwresd-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "bind9": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "libisc160": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "libbind-dev": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "host": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "libisccfg-export140": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "libisc-export160-udeb": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "bind9-doc": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "libisccc140": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "libirs141": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "libisccc-export140-udeb": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "libirs141-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "libdns-export162-udeb-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "bind9-host": "1:9.10.3.dfsg.P4-8ubuntu1.16",
            "libisccfg-export140-udeb-dbgsym": "1:9.10.3.dfsg.P4-8ubuntu1.16"
        }
    ]
}

Ubuntu:18.04:LTS / bind9

Package

Name: bind9
Purl: pkg:deb/ubuntu/bind9@1:9.11.3+dfsg-1ubuntu1.12?arch=src?distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:9.11.3+dfsg-1ubuntu1.12

Affected versions

1:9.*

1:9.10.3.dfsg.P4-12.6ubuntu1

1:9.11.2.P1-1ubuntu2

1:9.11.2.P1-1ubuntu3

1:9.11.2.P1-1ubuntu4

1:9.11.2.P1-1ubuntu5

1:9.11.3+dfsg-1ubuntu1

1:9.11.3+dfsg-1ubuntu1.1

1:9.11.3+dfsg-1ubuntu1.2

1:9.11.3+dfsg-1ubuntu1.3

1:9.11.3+dfsg-1ubuntu1.5

1:9.11.3+dfsg-1ubuntu1.7

1:9.11.3+dfsg-1ubuntu1.8

1:9.11.3+dfsg-1ubuntu1.9

1:9.11.3+dfsg-1ubuntu1.10

1:9.11.3+dfsg-1ubuntu1.11

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "bind9-host-dbgsym": "1:9.11.3+dfsg-1ubuntu1.12",
            "libbind9-160-dbgsym": "1:9.11.3+dfsg-1ubuntu1.12",
            "libisccfg160-dbgsym": "1:9.11.3+dfsg-1ubuntu1.12",
            "libisc-export169-dbgsym": "1:9.11.3+dfsg-1ubuntu1.12",
            "libdns1100-dbgsym": "1:9.11.3+dfsg-1ubuntu1.12",
            "bind9utils": "1:9.11.3+dfsg-1ubuntu1.12",
            "libdns-export1100": "1:9.11.3+dfsg-1ubuntu1.12",
            "bind9-dbgsym": "1:9.11.3+dfsg-1ubuntu1.12",
            "libisccc-export160": "1:9.11.3+dfsg-1ubuntu1.12",
            "libisccfg-export160": "1:9.11.3+dfsg-1ubuntu1.12",
            "liblwres160": "1:9.11.3+dfsg-1ubuntu1.12",
            "libirs-export160": "1:9.11.3+dfsg-1ubuntu1.12",
            "bind9utils-dbgsym": "1:9.11.3+dfsg-1ubuntu1.12",
            "libisccc-export160-dbgsym": "1:9.11.3+dfsg-1ubuntu1.12",
            "libirs160": "1:9.11.3+dfsg-1ubuntu1.12",
            "libisccfg-export160-udeb": "1:9.11.3+dfsg-1ubuntu1.12",
            "libisc-export169": "1:9.11.3+dfsg-1ubuntu1.12",
            "libisc169-dbgsym": "1:9.11.3+dfsg-1ubuntu1.12",
            "dnsutils-dbgsym": "1:9.11.3+dfsg-1ubuntu1.12",
            "libbind-export-dev": "1:9.11.3+dfsg-1ubuntu1.12",
            "libdns1100": "1:9.11.3+dfsg-1ubuntu1.12",
            "libisccc160": "1:9.11.3+dfsg-1ubuntu1.12",
            "libdns-export1100-dbgsym": "1:9.11.3+dfsg-1ubuntu1.12",
            "libdns-export1100-udeb": "1:9.11.3+dfsg-1ubuntu1.12",
            "liblwres160-dbgsym": "1:9.11.3+dfsg-1ubuntu1.12",
            "libirs-export160-udeb": "1:9.11.3+dfsg-1ubuntu1.12",
            "bind9": "1:9.11.3+dfsg-1ubuntu1.12",
            "libisc169": "1:9.11.3+dfsg-1ubuntu1.12",
            "libbind-dev": "1:9.11.3+dfsg-1ubuntu1.12",
            "libirs-export160-dbgsym": "1:9.11.3+dfsg-1ubuntu1.12",
            "libisccc-export160-udeb": "1:9.11.3+dfsg-1ubuntu1.12",
            "libisc-export169-udeb": "1:9.11.3+dfsg-1ubuntu1.12",
            "bind9-doc": "1:9.11.3+dfsg-1ubuntu1.12",
            "libirs160-dbgsym": "1:9.11.3+dfsg-1ubuntu1.12",
            "libisccfg160": "1:9.11.3+dfsg-1ubuntu1.12",
            "libbind9-160": "1:9.11.3+dfsg-1ubuntu1.12",
            "libisccc160-dbgsym": "1:9.11.3+dfsg-1ubuntu1.12",
            "bind9-host": "1:9.11.3+dfsg-1ubuntu1.12",
            "libisccfg-export160-dbgsym": "1:9.11.3+dfsg-1ubuntu1.12",
            "dnsutils": "1:9.11.3+dfsg-1ubuntu1.12"
        }
    ]
}

Ubuntu:20.04:LTS / bind9

Package

Name: bind9
Purl: pkg:deb/ubuntu/bind9@1:9.16.1-0ubuntu2.1?arch=src?distro=focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:9.16.1-0ubuntu2.1

Affected versions

1:9.*

1:9.11.5.P4+dfsg-5.1ubuntu2

1:9.11.5.P4+dfsg-5.1ubuntu3

1:9.11.5.P4+dfsg-5.1ubuntu4

1:9.11.5.P4+dfsg-5.1ubuntu5

1:9.11.14+dfsg-1ubuntu1

1:9.11.14+dfsg-3ubuntu1

1:9.16.0-1ubuntu3

1:9.16.0-1ubuntu4

1:9.16.0-1ubuntu5

1:9.16.1-0ubuntu1

1:9.16.1-0ubuntu2

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "bind9-doc": "1:9.16.1-0ubuntu2.1",
            "bind9-dnsutils-dbgsym": "1:9.16.1-0ubuntu2.1",
            "bind9-host": "1:9.16.1-0ubuntu2.1",
            "bind9-host-dbgsym": "1:9.16.1-0ubuntu2.1",
            "bind9utils": "1:9.16.1-0ubuntu2.1",
            "bind9-dbgsym": "1:9.16.1-0ubuntu2.1",
            "bind9-libs": "1:9.16.1-0ubuntu2.1",
            "bind9": "1:9.16.1-0ubuntu2.1",
            "bind9-utils": "1:9.16.1-0ubuntu2.1",
            "bind9-dnsutils": "1:9.16.1-0ubuntu2.1",
            "bind9-libs-dbgsym": "1:9.16.1-0ubuntu2.1",
            "bind9-utils-dbgsym": "1:9.16.1-0ubuntu2.1",
            "dnsutils": "1:9.16.1-0ubuntu2.1"
        }
    ]
}