UBUNTU-CVE-2020-8621
See a problem?- Source
- https://ubuntu.com/security/notices/UBUNTU-CVE-2020-8621
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-8621.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2020-8621
- Related
- Published
- 2020-08-20T00:00:00Z
- Modified
- 2020-08-20T00:00:00Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME minimization and 'forward first' then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Servers that 'forward only' are not affected.
- References
Affected packages
Ubuntu:20.04:LTS / bind9
Package
- Name
- bind9
- Purl
- pkg:deb/ubuntu/bind9@1:9.16.1-0ubuntu2.3?arch=src?distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1:9.16.1-0ubuntu2.3
Affected versions
1:9.*
1:9.11.5.P4+dfsg-5.1ubuntu2
1:9.11.5.P4+dfsg-5.1ubuntu3
1:9.11.5.P4+dfsg-5.1ubuntu4
1:9.11.5.P4+dfsg-5.1ubuntu5
1:9.11.14+dfsg-1ubuntu1
1:9.11.14+dfsg-3ubuntu1
1:9.16.0-1ubuntu3
1:9.16.0-1ubuntu4
1:9.16.0-1ubuntu5
1:9.16.1-0ubuntu1
1:9.16.1-0ubuntu2
1:9.16.1-0ubuntu2.1
1:9.16.1-0ubuntu2.2
Ecosystem specific
{
"availability": "No subscription required",
"ubuntu_priority": "medium",
"binaries": [
{
"bind9-doc": "1:9.16.1-0ubuntu2.3",
"bind9-dnsutils-dbgsym": "1:9.16.1-0ubuntu2.3",
"bind9-host": "1:9.16.1-0ubuntu2.3",
"bind9-host-dbgsym": "1:9.16.1-0ubuntu2.3",
"bind9utils": "1:9.16.1-0ubuntu2.3",
"bind9-dbgsym": "1:9.16.1-0ubuntu2.3",
"bind9-libs": "1:9.16.1-0ubuntu2.3",
"bind9": "1:9.16.1-0ubuntu2.3",
"bind9-utils": "1:9.16.1-0ubuntu2.3",
"bind9-dnsutils": "1:9.16.1-0ubuntu2.3",
"bind9-libs-dbgsym": "1:9.16.1-0ubuntu2.3",
"bind9-utils-dbgsym": "1:9.16.1-0ubuntu2.3",
"dnsutils": "1:9.16.1-0ubuntu2.3"
}
]
}