In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "bind9-doc": "1:9.16.1-0ubuntu2.3", "bind9-dnsutils-dbgsym": "1:9.16.1-0ubuntu2.3", "bind9-host": "1:9.16.1-0ubuntu2.3", "bind9-host-dbgsym": "1:9.16.1-0ubuntu2.3", "bind9utils": "1:9.16.1-0ubuntu2.3", "bind9-dbgsym": "1:9.16.1-0ubuntu2.3", "bind9-libs": "1:9.16.1-0ubuntu2.3", "bind9": "1:9.16.1-0ubuntu2.3", "bind9-utils": "1:9.16.1-0ubuntu2.3", "bind9-dnsutils": "1:9.16.1-0ubuntu2.3", "bind9-libs-dbgsym": "1:9.16.1-0ubuntu2.3", "bind9-utils-dbgsym": "1:9.16.1-0ubuntu2.3", "dnsutils": "1:9.16.1-0ubuntu2.3" } ] }