CVE-2024-4076

EUVD-2024-32639
Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion failure.
This issue affects BIND 9 versions 9.16.13 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.33-S1 through 9.11.37-S1, 9.16.13-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 28%
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
iscbind
9.16.13 ≤
𝑥
≤ 9.16.50
ADP
iscbind
9.18.0 ≤
𝑥
≤ 9.18.27
ADP
iscbind
9.19.0 ≤
𝑥
≤ 9.19.24
ADP
iscbind
9.11.33-s1 ≤
𝑥
≤ 9.11.37-s1
ADP
iscbind
9.16.13-s1 ≤
𝑥
≤ 9.16.50-s1
ADP
iscbind
9.18.11-s1 ≤
𝑥
≤ 9.18.27-s1
ADP
Debian logo
Debian Releases
Debian Product
Codename
bind9
bookworm
1:9.18.33-1~deb12u2
fixed
bookworm (security)
1:9.18.41-1~deb12u1
fixed
bullseye
1:9.16.50-1~deb11u2
fixed
bullseye (security)
1:9.16.50-1~deb11u4
fixed
forky
1:9.20.15-2
fixed
sid
1:9.20.15-2
fixed
trixie
1:9.20.15-1~deb13u1
fixed
trixie (security)
1:9.20.15-1~deb13u1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
bind9
bionic
not-affected
focal
Fixed 1:9.18.28-0ubuntu0.20.04.1
released
jammy
Fixed 1:9.18.28-0ubuntu0.22.04.1
released
noble
Fixed 1:9.18.28-0ubuntu0.24.04.1
released
oracular
Fixed 1:9.18.28-0ubuntu1
released
plucky
Fixed 1:9.18.28-0ubuntu1
released
trusty
not-affected
xenial
not-affected
isc-dhcp
bionic
not-affected
focal
not-affected
jammy
not-affected
noble
not-affected
oracular
ignored
plucky
not-affected
trusty
not-affected
xenial
not-affected
bind9-libs
focal
not-affected
jammy
not-affected
noble
dne
oracular
dne
plucky
dne
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
bind
suse enterprise sap 15 SP5
9.16.50-150500.8.21.1
fixed
suse enterprise sap 15 SP6
9.18.28-150600.3.3.1
fixed
suse enterprise sap 15 SP7
9.20.3-150700.1.6
fixed
suse enterprise server 15 SP4
9.16.50-150400.5.43.1
fixed
suse enterprise server 15 SP5
9.16.50-150500.8.21.1
fixed
suse enterprise server 15 SP6
9.18.28-150600.3.3.1
fixed
suse enterprise server 15 SP7
9.20.3-150700.1.6
fixed
bind-doc
suse enterprise sap 15 SP5
9.16.50-150500.8.21.1
fixed
suse enterprise sap 15 SP6
9.18.28-150600.3.3.1
fixed
suse enterprise sap 15 SP7
9.20.3-150700.1.6
fixed
suse enterprise server 15 SP4
9.16.50-150400.5.43.1
fixed
suse enterprise server 15 SP5
9.16.50-150500.8.21.1
fixed
suse enterprise server 15 SP6
9.18.28-150600.3.3.1
fixed
suse enterprise server 15 SP7
9.20.3-150700.1.6
fixed
bind-utils
suse enterprise desktop 15 SP5
9.16.50-150500.8.21.1
fixed
suse enterprise desktop 15 SP6
9.18.28-150600.3.3.1
fixed
suse enterprise sap 15 SP5
9.16.50-150500.8.21.1
fixed
suse enterprise sap 15 SP6
9.18.28-150600.3.3.1
fixed
suse enterprise server 15 SP4
9.16.50-150400.5.43.1
fixed
suse enterprise server 15 SP5
9.16.50-150500.8.21.1
fixed
suse enterprise server 15 SP6
9.18.28-150600.3.3.1
fixed
python3-bind
suse enterprise desktop 15 SP5
9.16.50-150500.8.21.1
fixed
suse enterprise sap 15 SP5
9.16.50-150500.8.21.1
fixed
suse enterprise server 15 SP4
9.16.50-150400.5.43.1
fixed
suse enterprise server 15 SP5
9.16.50-150500.8.21.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
bind
RHEL 9
32:9.16.23-18.el9_4.6
fixed
bind-chroot
RHEL 9
32:9.16.23-18.el9_4.6
fixed
bind-devel
RHEL 9
32:9.16.23-18.el9_4.6
fixed
bind-dnssec-doc
RHEL 9
32:9.16.23-18.el9_4.6
fixed
bind-dnssec-utils
RHEL 9
32:9.16.23-18.el9_4.6
fixed
bind-doc
RHEL 9
32:9.16.23-18.el9_4.6
fixed
bind-dyndb-ldap
RHEL 9
0:11.9-10.el9_4
fixed
bind-libs
RHEL 9
32:9.16.23-18.el9_4.6
fixed
bind-license
RHEL 9
32:9.16.23-18.el9_4.6
fixed
bind-utils
RHEL 9
32:9.16.23-18.el9_4.6
fixed
bind9.16
RHEL 8
32:9.16.23-0.22.el8_10
fixed
RHEL 8.6 AUS
32:9.16.23-0.7.el8_6.6
fixed
RHEL 8.6 E4S
32:9.16.23-0.7.el8_6.6
fixed
RHEL 8.6 TUS
32:9.16.23-0.7.el8_6.6
fixed
RHEL 8.8 AUS
32:9.16.23-0.14.el8_8.5
fixed
RHEL 8.8 E4S
32:9.16.23-0.14.el8_8.5
fixed
RHEL 8.8 EUS
32:9.16.23-0.14.el8_8.5
fixed
RHEL 8.8 TUS
32:9.16.23-0.14.el8_8.5
fixed
bind9.16-chroot
RHEL 8
32:9.16.23-0.22.el8_10
fixed
RHEL 8.6 AUS
32:9.16.23-0.7.el8_6.6
fixed
RHEL 8.6 E4S
32:9.16.23-0.7.el8_6.6
fixed
RHEL 8.6 TUS
32:9.16.23-0.7.el8_6.6
fixed
RHEL 8.8 AUS
32:9.16.23-0.14.el8_8.5
fixed
RHEL 8.8 E4S
32:9.16.23-0.14.el8_8.5
fixed
RHEL 8.8 EUS
32:9.16.23-0.14.el8_8.5
fixed
RHEL 8.8 TUS
32:9.16.23-0.14.el8_8.5
fixed
bind9.16-devel
RHEL 8
32:9.16.23-0.22.el8_10
fixed
RHEL 8.8 AUS
32:9.16.23-0.14.el8_8.5
fixed
RHEL 8.8 E4S
32:9.16.23-0.14.el8_8.5
fixed
RHEL 8.8 EUS
32:9.16.23-0.14.el8_8.5
fixed
RHEL 8.8 TUS
32:9.16.23-0.14.el8_8.5
fixed
bind9.16-dnssec-utils
RHEL 8
32:9.16.23-0.22.el8_10
fixed
RHEL 8.8 AUS
32:9.16.23-0.14.el8_8.5
fixed
RHEL 8.8 E4S
32:9.16.23-0.14.el8_8.5
fixed
RHEL 8.8 EUS
32:9.16.23-0.14.el8_8.5
fixed
RHEL 8.8 TUS
32:9.16.23-0.14.el8_8.5
fixed
bind9.16-doc
RHEL 8
32:9.16.23-0.22.el8_10
fixed
RHEL 8.8 AUS
32:9.16.23-0.14.el8_8.5
fixed
RHEL 8.8 E4S
32:9.16.23-0.14.el8_8.5
fixed
RHEL 8.8 EUS
32:9.16.23-0.14.el8_8.5
fixed
RHEL 8.8 TUS
32:9.16.23-0.14.el8_8.5
fixed
bind9.16-libs
RHEL 8
32:9.16.23-0.22.el8_10
fixed
RHEL 8.6 AUS
32:9.16.23-0.7.el8_6.6
fixed
RHEL 8.6 E4S
32:9.16.23-0.7.el8_6.6
fixed
RHEL 8.6 TUS
32:9.16.23-0.7.el8_6.6
fixed
RHEL 8.8 AUS
32:9.16.23-0.14.el8_8.5
fixed
RHEL 8.8 E4S
32:9.16.23-0.14.el8_8.5
fixed
RHEL 8.8 EUS
32:9.16.23-0.14.el8_8.5
fixed
RHEL 8.8 TUS
32:9.16.23-0.14.el8_8.5
fixed
bind9.16-license
RHEL 8
32:9.16.23-0.22.el8_10
fixed
RHEL 8.6 AUS
32:9.16.23-0.7.el8_6.6
fixed
RHEL 8.6 E4S
32:9.16.23-0.7.el8_6.6
fixed
RHEL 8.6 TUS
32:9.16.23-0.7.el8_6.6
fixed
RHEL 8.8 AUS
32:9.16.23-0.14.el8_8.5
fixed
RHEL 8.8 E4S
32:9.16.23-0.14.el8_8.5
fixed
RHEL 8.8 EUS
32:9.16.23-0.14.el8_8.5
fixed
RHEL 8.8 TUS
32:9.16.23-0.14.el8_8.5
fixed
bind9.16-utils
RHEL 8
32:9.16.23-0.22.el8_10
fixed
RHEL 8.6 AUS
32:9.16.23-0.7.el8_6.6
fixed
RHEL 8.6 E4S
32:9.16.23-0.7.el8_6.6
fixed
RHEL 8.6 TUS
32:9.16.23-0.7.el8_6.6
fixed
RHEL 8.8 AUS
32:9.16.23-0.14.el8_8.5
fixed
RHEL 8.8 E4S
32:9.16.23-0.14.el8_8.5
fixed
RHEL 8.8 EUS
32:9.16.23-0.14.el8_8.5
fixed
RHEL 8.8 TUS
32:9.16.23-0.14.el8_8.5
fixed
python3-bind
RHEL 9
32:9.16.23-18.el9_4.6
fixed
python3-bind9.16
RHEL 8
32:9.16.23-0.22.el8_10
fixed
RHEL 8.8 AUS
32:9.16.23-0.14.el8_8.5
fixed
RHEL 8.8 E4S
32:9.16.23-0.14.el8_8.5
fixed
RHEL 8.8 EUS
32:9.16.23-0.14.el8_8.5
fixed
RHEL 8.8 TUS
32:9.16.23-0.14.el8_8.5
fixed
Common Weakness Enumeration
References
http://www.openwall.com/lists/oss-security/2024/07/23/1
http://www.openwall.com/lists/oss-security/2024/07/31/2
https://kb.isc.org/docs/cve-2024-4076
http://www.openwall.com/lists/oss-security/2024/07/23/1
https://kb.isc.org/docs/cve-2024-4076
https://security.netapp.com/advisory/ntap-20240731-0001/