CVE-2020-8619

In ISC BIND9 versions BIND 9.11.14 -> 9.11.19, BIND 9.14.9 -> 9.14.12, BIND 9.16.0 -> 9.16.3, BIND Supported Preview Edition 9.11.14-S1 -> 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones and at least one zone contains an empty non-terminal entry containing an asterisk ("*") character, this defect cannot be encountered. A would-be attacker who is allowed to change zone content could theoretically introduce such a record in order to exploit this condition to cause denial of service, though we consider the use of this vector unlikely because any such attack would require a significant privilege level and be easily traceable.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.9 MEDIUM
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 91%
Affected Products (NVD)
VendorProductVersion
iscbind
9.11.14 ≤
𝑥
≤ 9.11.19
iscbind
9.11.14-s1 ≤
𝑥
≤ 9.11.19-s1
iscbind
9.14.9 ≤
𝑥
≤ 9.14.12
iscbind
9.16.0 ≤
𝑥
≤ 9.16.3
opensuseleap
15.1
opensuseleap
15.2
debiandebian_linux
10.0
canonicalubuntu_linux
20.04
netappsteelstore_cloud_integrated_storage
-
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
bind9
bookworm
1:9.18.28-1~deb12u2
fixed
bookworm (security)
1:9.18.28-1~deb12u2
fixed
bullseye
1:9.16.50-1~deb11u2
fixed
bullseye (security)
1:9.16.50-1~deb11u1
fixed
jessie
not-affected
sid
1:9.20.2-1
fixed
stretch
not-affected
trixie
1:9.20.2-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
bind9
bionic
not-affected
eoan
not-affected
focal
Fixed 1:9.16.1-0ubuntu2.2
released
trusty
not-affected
xenial
not-affected
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
bind
suse enterprise sap 15 SP1
9.16.6-12.32.1
fixed
suse enterprise sap 15 SP2
9.16.6-12.32.1
fixed
suse enterprise sap 15 SP3
9.16.6-20.39
fixed
suse enterprise sap 15 SP4
9.16.20-150400.3.6
fixed
suse enterprise sap 15 SP7
9.20.3-150700.1.6
fixed
suse enterprise server 15
9.16.6-12.32.1
fixed
suse enterprise server 15 SP1
9.16.6-12.32.1
fixed
suse enterprise server 15 SP2
9.16.6-12.32.1
fixed
suse enterprise server 15 SP3
9.16.6-20.39
fixed
suse enterprise server 15 SP4
9.16.20-150400.3.6
fixed
suse enterprise server 15 SP7
9.20.3-150700.1.6
fixed
bind-chrootenv
suse enterprise sap 15 SP1
9.16.6-12.32.1
fixed
suse enterprise sap 15 SP2
9.16.6-12.32.1
fixed
suse enterprise sap 15 SP3
9.16.6-20.39
fixed
suse enterprise server 15
9.16.6-12.32.1
fixed
suse enterprise server 15 SP1
9.16.6-12.32.1
fixed
suse enterprise server 15 SP2
9.16.6-12.32.1
fixed
suse enterprise server 15 SP3
9.16.6-20.39
fixed
bind-devel
suse enterprise desktop 15 SP1
9.16.6-12.32.1
fixed
suse enterprise desktop 15 SP2
9.16.6-12.32.1
fixed
suse enterprise desktop 15 SP3
9.16.6-20.39
fixed
suse enterprise desktop 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise sap 15 SP1
9.16.6-12.32.1
fixed
suse enterprise sap 15 SP2
9.16.6-12.32.1
fixed
suse enterprise sap 15 SP3
9.16.6-20.39
fixed
suse enterprise sap 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise server 15
9.16.6-12.32.1
fixed
suse enterprise server 15 SP1
9.16.6-12.32.1
fixed
suse enterprise server 15 SP2
9.16.6-12.32.1
fixed
suse enterprise server 15 SP3
9.16.6-20.39
fixed
suse enterprise server 15 SP5
9.16.6-150300.22.27.1
fixed
bind-doc
suse enterprise sap 15 SP1
9.16.6-12.32.1
fixed
suse enterprise sap 15 SP2
9.16.6-12.32.1
fixed
suse enterprise sap 15 SP3
9.16.6-20.39
fixed
suse enterprise sap 15 SP4
9.16.20-150400.3.6
fixed
suse enterprise sap 15 SP7
9.20.3-150700.1.6
fixed
suse enterprise server 15
9.16.6-12.32.1
fixed
suse enterprise server 15 SP1
9.16.6-12.32.1
fixed
suse enterprise server 15 SP2
9.16.6-12.32.1
fixed
suse enterprise server 15 SP3
9.16.6-20.39
fixed
suse enterprise server 15 SP4
9.16.20-150400.3.6
fixed
suse enterprise server 15 SP7
9.20.3-150700.1.6
fixed
bind-utils
suse enterprise desktop 15 SP1
9.16.6-12.32.1
fixed
suse enterprise desktop 15 SP2
9.16.6-12.32.1
fixed
suse enterprise desktop 15 SP3
9.16.6-20.39
fixed
suse enterprise desktop 15 SP4
9.16.20-150400.3.6
fixed
suse enterprise desktop 15 SP5
9.16.38-150400.5.20.2
fixed
suse enterprise desktop 15 SP6
9.18.24-150600.1.5
fixed
suse enterprise desktop 15 SP7
9.20.3-150700.1.6
fixed
suse enterprise sap 15 SP1
9.16.6-12.32.1
fixed
suse enterprise sap 15 SP2
9.16.6-12.32.1
fixed
suse enterprise sap 15 SP3
9.16.6-20.39
fixed
suse enterprise sap 15 SP4
9.16.20-150400.3.6
fixed
suse enterprise sap 15 SP5
9.16.38-150400.5.20.2
fixed
suse enterprise sap 15 SP6
9.18.24-150600.1.5
fixed
suse enterprise sap 15 SP7
9.20.3-150700.1.6
fixed
suse enterprise server 15
9.16.6-12.32.1
fixed
suse enterprise server 15 SP1
9.16.6-12.32.1
fixed
suse enterprise server 15 SP2
9.16.6-12.32.1
fixed
suse enterprise server 15 SP3
9.16.6-20.39
fixed
suse enterprise server 15 SP4
9.16.20-150400.3.6
fixed
suse enterprise server 15 SP5
9.16.38-150400.5.20.2
fixed
suse enterprise server 15 SP6
9.18.24-150600.1.5
fixed
suse enterprise server 15 SP7
9.20.3-150700.1.6
fixed
libbind9-1600
suse enterprise desktop 15 SP1
9.16.6-12.32.1
fixed
suse enterprise desktop 15 SP2
9.16.6-12.32.1
fixed
suse enterprise desktop 15 SP3
9.16.6-20.39
fixed
suse enterprise desktop 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise sap 15 SP1
9.16.6-12.32.1
fixed
suse enterprise sap 15 SP2
9.16.6-12.32.1
fixed
suse enterprise sap 15 SP3
9.16.6-20.39
fixed
suse enterprise sap 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise server 15
9.16.6-12.32.1
fixed
suse enterprise server 15 SP1
9.16.6-12.32.1
fixed
suse enterprise server 15 SP2
9.16.6-12.32.1
fixed
suse enterprise server 15 SP3
9.16.6-20.39
fixed
suse enterprise server 15 SP5
9.16.6-150300.22.27.1
fixed
libdns1605
suse enterprise desktop 15 SP1
9.16.6-12.32.1
fixed
suse enterprise desktop 15 SP2
9.16.6-12.32.1
fixed
suse enterprise desktop 15 SP3
9.16.6-20.39
fixed
suse enterprise desktop 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise desktop 15 SP6
9.16.6-150300.22.41.1
fixed
suse enterprise desktop 15 SP7
9.16.6-150300.22.50.1
fixed
suse enterprise sap 15 SP1
9.16.6-12.32.1
fixed
suse enterprise sap 15 SP2
9.16.6-12.32.1
fixed
suse enterprise sap 15 SP3
9.16.6-20.39
fixed
suse enterprise sap 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise sap 15 SP6
9.16.6-150300.22.41.1
fixed
suse enterprise sap 15 SP7
9.16.6-150300.22.50.1
fixed
suse enterprise server 15
9.16.6-12.32.1
fixed
suse enterprise server 15 SP1
9.16.6-12.32.1
fixed
suse enterprise server 15 SP2
9.16.6-12.32.1
fixed
suse enterprise server 15 SP3
9.16.6-20.39
fixed
suse enterprise server 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise server 15 SP6
9.16.6-150300.22.41.1
fixed
suse enterprise server 15 SP7
9.16.6-150300.22.50.1
fixed
libirs-devel
suse enterprise desktop 15 SP1
9.16.6-12.32.1
fixed
suse enterprise desktop 15 SP2
9.16.6-12.32.1
fixed
suse enterprise desktop 15 SP3
9.16.6-20.39
fixed
suse enterprise desktop 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise desktop 15 SP6
9.16.6-150300.22.41.1
fixed
suse enterprise desktop 15 SP7
9.16.6-150300.22.50.1
fixed
suse enterprise sap 15 SP1
9.16.6-12.32.1
fixed
suse enterprise sap 15 SP2
9.16.6-12.32.1
fixed
suse enterprise sap 15 SP3
9.16.6-20.39
fixed
suse enterprise sap 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise sap 15 SP6
9.16.6-150300.22.41.1
fixed
suse enterprise sap 15 SP7
9.16.6-150300.22.50.1
fixed
suse enterprise server 15
9.16.6-12.32.1
fixed
suse enterprise server 15 SP1
9.16.6-12.32.1
fixed
suse enterprise server 15 SP2
9.16.6-12.32.1
fixed
suse enterprise server 15 SP3
9.16.6-20.39
fixed
suse enterprise server 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise server 15 SP6
9.16.6-150300.22.41.1
fixed
suse enterprise server 15 SP7
9.16.6-150300.22.50.1
fixed
libirs1601
suse enterprise desktop 15 SP1
9.16.6-12.32.1
fixed
suse enterprise desktop 15 SP2
9.16.6-12.32.1
fixed
suse enterprise desktop 15 SP3
9.16.6-20.39
fixed
suse enterprise desktop 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise desktop 15 SP6
9.16.6-150300.22.41.1
fixed
suse enterprise desktop 15 SP7
9.16.6-150300.22.50.1
fixed
suse enterprise sap 15 SP1
9.16.6-12.32.1
fixed
suse enterprise sap 15 SP2
9.16.6-12.32.1
fixed
suse enterprise sap 15 SP3
9.16.6-20.39
fixed
suse enterprise sap 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise sap 15 SP6
9.16.6-150300.22.41.1
fixed
suse enterprise sap 15 SP7
9.16.6-150300.22.50.1
fixed
suse enterprise server 15
9.16.6-12.32.1
fixed
suse enterprise server 15 SP1
9.16.6-12.32.1
fixed
suse enterprise server 15 SP2
9.16.6-12.32.1
fixed
suse enterprise server 15 SP3
9.16.6-20.39
fixed
suse enterprise server 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise server 15 SP6
9.16.6-150300.22.41.1
fixed
suse enterprise server 15 SP7
9.16.6-150300.22.50.1
fixed
libisc1606
suse enterprise desktop 15 SP1
9.16.6-12.32.1
fixed
suse enterprise desktop 15 SP2
9.16.6-12.32.1
fixed
suse enterprise desktop 15 SP3
9.16.6-20.39
fixed
suse enterprise desktop 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise desktop 15 SP6
9.16.6-150300.22.41.1
fixed
suse enterprise desktop 15 SP7
9.16.6-150300.22.50.1
fixed
suse enterprise sap 15 SP1
9.16.6-12.32.1
fixed
suse enterprise sap 15 SP2
9.16.6-12.32.1
fixed
suse enterprise sap 15 SP3
9.16.6-20.39
fixed
suse enterprise sap 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise sap 15 SP6
9.16.6-150300.22.41.1
fixed
suse enterprise sap 15 SP7
9.16.6-150300.22.50.1
fixed
suse enterprise server 15
9.16.6-12.32.1
fixed
suse enterprise server 15 SP1
9.16.6-12.32.1
fixed
suse enterprise server 15 SP2
9.16.6-12.32.1
fixed
suse enterprise server 15 SP3
9.16.6-20.39
fixed
suse enterprise server 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise server 15 SP6
9.16.6-150300.22.41.1
fixed
suse enterprise server 15 SP7
9.16.6-150300.22.50.1
fixed
libisccc1600
suse enterprise desktop 15 SP1
9.16.6-12.32.1
fixed
suse enterprise desktop 15 SP2
9.16.6-12.32.1
fixed
suse enterprise desktop 15 SP3
9.16.6-20.39
fixed
suse enterprise desktop 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise sap 15 SP1
9.16.6-12.32.1
fixed
suse enterprise sap 15 SP2
9.16.6-12.32.1
fixed
suse enterprise sap 15 SP3
9.16.6-20.39
fixed
suse enterprise sap 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise server 15
9.16.6-12.32.1
fixed
suse enterprise server 15 SP1
9.16.6-12.32.1
fixed
suse enterprise server 15 SP2
9.16.6-12.32.1
fixed
suse enterprise server 15 SP3
9.16.6-20.39
fixed
suse enterprise server 15 SP5
9.16.6-150300.22.27.1
fixed
libisccfg1600
suse enterprise desktop 15 SP1
9.16.6-12.32.1
fixed
suse enterprise desktop 15 SP2
9.16.6-12.32.1
fixed
suse enterprise desktop 15 SP3
9.16.6-20.39
fixed
suse enterprise desktop 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise desktop 15 SP6
9.16.6-150300.22.41.1
fixed
suse enterprise desktop 15 SP7
9.16.6-150300.22.50.1
fixed
suse enterprise sap 15 SP1
9.16.6-12.32.1
fixed
suse enterprise sap 15 SP2
9.16.6-12.32.1
fixed
suse enterprise sap 15 SP3
9.16.6-20.39
fixed
suse enterprise sap 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise sap 15 SP6
9.16.6-150300.22.41.1
fixed
suse enterprise sap 15 SP7
9.16.6-150300.22.50.1
fixed
suse enterprise server 15
9.16.6-12.32.1
fixed
suse enterprise server 15 SP1
9.16.6-12.32.1
fixed
suse enterprise server 15 SP2
9.16.6-12.32.1
fixed
suse enterprise server 15 SP3
9.16.6-20.39
fixed
suse enterprise server 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise server 15 SP6
9.16.6-150300.22.41.1
fixed
suse enterprise server 15 SP7
9.16.6-150300.22.50.1
fixed
libns1604
suse enterprise desktop 15 SP1
9.16.6-12.32.1
fixed
suse enterprise desktop 15 SP2
9.16.6-12.32.1
fixed
suse enterprise desktop 15 SP3
9.16.6-20.39
fixed
suse enterprise desktop 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise sap 15 SP1
9.16.6-12.32.1
fixed
suse enterprise sap 15 SP2
9.16.6-12.32.1
fixed
suse enterprise sap 15 SP3
9.16.6-20.39
fixed
suse enterprise sap 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise server 15
9.16.6-12.32.1
fixed
suse enterprise server 15 SP1
9.16.6-12.32.1
fixed
suse enterprise server 15 SP2
9.16.6-12.32.1
fixed
suse enterprise server 15 SP3
9.16.6-20.39
fixed
suse enterprise server 15 SP5
9.16.6-150300.22.27.1
fixed
python3-bind
suse enterprise desktop 15 SP1
9.16.6-12.32.1
fixed
suse enterprise desktop 15 SP2
9.16.6-12.32.1
fixed
suse enterprise desktop 15 SP3
9.16.6-20.39
fixed
suse enterprise desktop 15 SP4
9.16.20-150400.3.6
fixed
suse enterprise desktop 15 SP5
9.16.38-150400.5.20.2
fixed
suse enterprise sap 15 SP1
9.16.6-12.32.1
fixed
suse enterprise sap 15 SP2
9.16.6-12.32.1
fixed
suse enterprise sap 15 SP3
9.16.6-20.39
fixed
suse enterprise sap 15 SP4
9.16.20-150400.3.6
fixed
suse enterprise sap 15 SP5
9.16.38-150400.5.20.2
fixed
suse enterprise server 15
9.16.6-12.32.1
fixed
suse enterprise server 15 SP1
9.16.6-12.32.1
fixed
suse enterprise server 15 SP2
9.16.6-12.32.1
fixed
suse enterprise server 15 SP3
9.16.6-20.39
fixed
suse enterprise server 15 SP4
9.16.20-150400.3.6
fixed
suse enterprise server 15 SP5
9.16.38-150400.5.20.2
fixed
sysuser-shadow
suse enterprise desktop 15 SP1
2.0-4.2.8
fixed
suse enterprise desktop 15 SP2
2.0-4.2.8
fixed
suse enterprise desktop 15 SP3
2.0-4.2.8
fixed
suse enterprise sap 15 SP1
2.0-4.2.8
fixed
suse enterprise sap 15 SP2
2.0-4.2.8
fixed
suse enterprise sap 15 SP3
2.0-4.2.8
fixed
suse enterprise server 15
2.0-4.2.8
fixed
suse enterprise server 15 SP1
2.0-4.2.8
fixed
suse enterprise server 15 SP2
2.0-4.2.8
fixed
suse enterprise server 15 SP3
2.0-4.2.8
fixed
sysuser-tools
suse enterprise desktop 15 SP1
2.0-4.2.8
fixed
suse enterprise sap 15 SP1
2.0-4.2.8
fixed
suse enterprise server 15
2.0-4.2.8
fixed
suse enterprise server 15 SP1
2.0-4.2.8
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
bind
RHEL 8
32:9.11.20-5.el8
fixed
bind-chroot
RHEL 8
32:9.11.20-5.el8
fixed
bind-devel
RHEL 8
32:9.11.20-5.el8
fixed
bind-export-devel
RHEL 8
32:9.11.20-5.el8
fixed
bind-export-libs
RHEL 8
32:9.11.20-5.el8
fixed
bind-libs
RHEL 8
32:9.11.20-5.el8
fixed
bind-libs-lite
RHEL 8
32:9.11.20-5.el8
fixed
bind-license
RHEL 8
32:9.11.20-5.el8
fixed
bind-lite-devel
RHEL 8
32:9.11.20-5.el8
fixed
bind-pkcs11
RHEL 8
32:9.11.20-5.el8
fixed
bind-pkcs11-devel
RHEL 8
32:9.11.20-5.el8
fixed
bind-pkcs11-libs
RHEL 8
32:9.11.20-5.el8
fixed
bind-pkcs11-utils
RHEL 8
32:9.11.20-5.el8
fixed
bind-sdb
RHEL 8
32:9.11.20-5.el8
fixed
bind-sdb-chroot
RHEL 8
32:9.11.20-5.el8
fixed
bind-utils
RHEL 8
32:9.11.20-5.el8
fixed
python3-bind
RHEL 8
32:9.11.20-5.el8
fixed
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html
https://kb.isc.org/docs/cve-2020-8619
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNFTTYJ5JJJJ6QG3AHXJGDIIEYMDFWFW/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EIOXMJX4N3LBKC65OXNBE52W4GAS7QEX/
https://security.netapp.com/advisory/ntap-20200625-0003/
https://usn.ubuntu.com/4399-1/
https://www.debian.org/security/2020/dsa-4752
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html
https://kb.isc.org/docs/cve-2020-8619
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNFTTYJ5JJJJ6QG3AHXJGDIIEYMDFWFW/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EIOXMJX4N3LBKC65OXNBE52W4GAS7QEX/
https://security.netapp.com/advisory/ntap-20200625-0003/
https://usn.ubuntu.com/4399-1/
https://www.debian.org/security/2020/dsa-4752