CVE-2023-5679

EUVD-2023-57970
A bad interaction between DNS64 and serve-stale may cause `named` to crash with an assertion failure during recursive resolution, when both of these features are enabled.
This issue affects BIND 9 versions 9.16.12 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.16.12-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 34%
Affected Products (NVD)
VendorProductVersion
netappactive_iq_unified_manager
-
iscbind
9.16.12 ≤
𝑥
≤ 9.16.45
iscbind
9.18.0 ≤
𝑥
≤ 9.18.21
iscbind
9.19.0 ≤
𝑥
≤ 9.19.19
iscbind
9.16.12:s1
iscbind
9.16.13:s1
iscbind
9.16.14:s1
iscbind
9.16.21:s1
iscbind
9.16.32:s1
iscbind
9.16.36:s1
iscbind
9.16.43:s1
iscbind
9.16.45:s1
iscbind
9.18.11:s1
iscbind
9.18.18:s1
iscbind
9.18.21:s1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
bind9
bookworm
1:9.18.28-1~deb12u2
fixed
bookworm (security)
1:9.18.28-1~deb12u2
fixed
bullseye
1:9.16.50-1~deb11u2
fixed
bullseye (security)
1:9.16.50-1~deb11u1
fixed
buster
not-affected
sid
1:9.20.4-3
fixed
trixie
1:9.20.4-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
bind9
bionic
not-affected
focal
not-affected
jammy
Fixed 1:9.18.18-0ubuntu0.22.04.2
released
mantic
Fixed 1:9.18.18-0ubuntu2.1
released
noble
Fixed 1:9.18.24-0ubuntu1
released
oracular
Fixed 1:9.18.24-0ubuntu1
released
trusty
not-affected
xenial
not-affected
bind9-libs
bionic
dne
focal
not-affected
jammy
not-affected
mantic
dne
noble
dne
oracular
dne
trusty
dne
xenial
dne
isc-dhcp
bionic
needs-triage
focal
not-affected
jammy
not-affected
mantic
not-affected
noble
not-affected
oracular
not-affected
trusty
not-affected
xenial
not-affected
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
bind
suse enterprise sap 15 SP5
9.16.48-150500.8.16.1
fixed
suse enterprise sap 15 SP7
9.20.3-150700.1.6
fixed
suse enterprise server 15 SP4
9.16.48-150400.5.40.1
fixed
suse enterprise server 15 SP5
9.16.48-150500.8.16.1
fixed
suse enterprise server 15 SP7
9.20.3-150700.1.6
fixed
bind-doc
suse enterprise sap 15 SP5
9.16.48-150500.8.16.1
fixed
suse enterprise sap 15 SP7
9.20.3-150700.1.6
fixed
suse enterprise server 15 SP4
9.16.48-150400.5.40.1
fixed
suse enterprise server 15 SP5
9.16.48-150500.8.16.1
fixed
suse enterprise server 15 SP7
9.20.3-150700.1.6
fixed
bind-utils
suse enterprise desktop 15 SP5
9.16.48-150500.8.16.1
fixed
suse enterprise sap 15 SP5
9.16.48-150500.8.16.1
fixed
suse enterprise server 15 SP4
9.16.48-150400.5.40.1
fixed
suse enterprise server 15 SP5
9.16.48-150500.8.16.1
fixed
python3-bind
suse enterprise desktop 15 SP5
9.16.48-150500.8.16.1
fixed
suse enterprise sap 15 SP5
9.16.48-150500.8.16.1
fixed
suse enterprise server 15 SP4
9.16.48-150400.5.40.1
fixed
suse enterprise server 15 SP5
9.16.48-150500.8.16.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
bind
RHEL 9
32:9.16.23-18.el9_4.1
fixed
bind-chroot
RHEL 9
32:9.16.23-18.el9_4.1
fixed
bind-devel
RHEL 9
32:9.16.23-18.el9_4.1
fixed
bind-dnssec-doc
RHEL 9
32:9.16.23-18.el9_4.1
fixed
bind-dnssec-utils
RHEL 9
32:9.16.23-18.el9_4.1
fixed
bind-doc
RHEL 9
32:9.16.23-18.el9_4.1
fixed
bind-dyndb-ldap
RHEL 9
0:11.9-9.el9_4
fixed
bind-libs
RHEL 9
32:9.16.23-18.el9_4.1
fixed
bind-license
RHEL 9
32:9.16.23-18.el9_4.1
fixed
bind-utils
RHEL 9
32:9.16.23-18.el9_4.1
fixed
bind9.16
RHEL 8
32:9.16.23-0.16.el8_9.2
fixed
RHEL 8.6 AUS
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.6 E4S
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.6 EUS
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.6 TUS
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.8 AUS
32:9.16.23-0.14.el8_8.4
fixed
RHEL 8.8 E4S
32:9.16.23-0.14.el8_8.4
fixed
RHEL 8.8 EUS
32:9.16.23-0.14.el8_8.4
fixed
RHEL 8.8 TUS
32:9.16.23-0.14.el8_8.4
fixed
bind9.16-chroot
RHEL 8
32:9.16.23-0.16.el8_9.2
fixed
RHEL 8.6 AUS
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.6 E4S
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.6 EUS
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.6 TUS
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.8 AUS
32:9.16.23-0.14.el8_8.4
fixed
RHEL 8.8 E4S
32:9.16.23-0.14.el8_8.4
fixed
RHEL 8.8 EUS
32:9.16.23-0.14.el8_8.4
fixed
RHEL 8.8 TUS
32:9.16.23-0.14.el8_8.4
fixed
bind9.16-devel
RHEL 8
32:9.16.23-0.16.el8_9.2
fixed
RHEL 8.6 AUS
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.6 E4S
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.6 EUS
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.6 TUS
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.8 AUS
32:9.16.23-0.14.el8_8.4
fixed
RHEL 8.8 E4S
32:9.16.23-0.14.el8_8.4
fixed
RHEL 8.8 EUS
32:9.16.23-0.14.el8_8.4
fixed
RHEL 8.8 TUS
32:9.16.23-0.14.el8_8.4
fixed
bind9.16-dnssec-utils
RHEL 8
32:9.16.23-0.16.el8_9.2
fixed
RHEL 8.6 AUS
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.6 E4S
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.6 EUS
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.6 TUS
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.8 AUS
32:9.16.23-0.14.el8_8.4
fixed
RHEL 8.8 E4S
32:9.16.23-0.14.el8_8.4
fixed
RHEL 8.8 EUS
32:9.16.23-0.14.el8_8.4
fixed
RHEL 8.8 TUS
32:9.16.23-0.14.el8_8.4
fixed
bind9.16-doc
RHEL 8
32:9.16.23-0.16.el8_9.2
fixed
RHEL 8.6 AUS
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.6 E4S
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.6 EUS
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.6 TUS
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.8 AUS
32:9.16.23-0.14.el8_8.4
fixed
RHEL 8.8 E4S
32:9.16.23-0.14.el8_8.4
fixed
RHEL 8.8 EUS
32:9.16.23-0.14.el8_8.4
fixed
RHEL 8.8 TUS
32:9.16.23-0.14.el8_8.4
fixed
bind9.16-libs
RHEL 8
32:9.16.23-0.16.el8_9.2
fixed
RHEL 8.6 AUS
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.6 E4S
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.6 EUS
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.6 TUS
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.8 AUS
32:9.16.23-0.14.el8_8.4
fixed
RHEL 8.8 E4S
32:9.16.23-0.14.el8_8.4
fixed
RHEL 8.8 EUS
32:9.16.23-0.14.el8_8.4
fixed
RHEL 8.8 TUS
32:9.16.23-0.14.el8_8.4
fixed
bind9.16-license
RHEL 8
32:9.16.23-0.16.el8_9.2
fixed
RHEL 8.6 AUS
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.6 E4S
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.6 EUS
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.6 TUS
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.8 AUS
32:9.16.23-0.14.el8_8.4
fixed
RHEL 8.8 E4S
32:9.16.23-0.14.el8_8.4
fixed
RHEL 8.8 EUS
32:9.16.23-0.14.el8_8.4
fixed
RHEL 8.8 TUS
32:9.16.23-0.14.el8_8.4
fixed
bind9.16-utils
RHEL 8
32:9.16.23-0.16.el8_9.2
fixed
RHEL 8.6 AUS
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.6 E4S
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.6 EUS
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.6 TUS
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.8 AUS
32:9.16.23-0.14.el8_8.4
fixed
RHEL 8.8 E4S
32:9.16.23-0.14.el8_8.4
fixed
RHEL 8.8 EUS
32:9.16.23-0.14.el8_8.4
fixed
RHEL 8.8 TUS
32:9.16.23-0.14.el8_8.4
fixed
python3-bind
RHEL 9
32:9.16.23-18.el9_4.1
fixed
python3-bind9.16
RHEL 8
32:9.16.23-0.16.el8_9.2
fixed
RHEL 8.6 AUS
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.6 E4S
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.6 EUS
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.6 TUS
32:9.16.23-0.7.el8_6.5
fixed
RHEL 8.8 AUS
32:9.16.23-0.14.el8_8.4
fixed
RHEL 8.8 E4S
32:9.16.23-0.14.el8_8.4
fixed
RHEL 8.8 EUS
32:9.16.23-0.14.el8_8.4
fixed
RHEL 8.8 TUS
32:9.16.23-0.14.el8_8.4
fixed
Common Weakness Enumeration
References
http://www.openwall.com/lists/oss-security/2024/02/13/1
https://kb.isc.org/docs/cve-2023-5679
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/
https://security.netapp.com/advisory/ntap-20240426-0002/
http://www.openwall.com/lists/oss-security/2024/02/13/1
https://kb.isc.org/docs/cve-2023-5679
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/
https://security.netapp.com/advisory/ntap-20240426-0002/