{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-4408", "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22", "state": "PUBLISHED", "assignerShortName": "isc", "dateReserved": "2023-08-18T07:59:28.420Z", "datePublished": "2024-02-13T14:04:17.519Z", "dateUpdated": "2024-08-02T07:24:04.673Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "404fd4d2-a609-4245-b543-2c944a302a22", "shortName": "isc", "dateUpdated": "2024-02-13T14:04:17.519Z"}, "title": "Parsing large DNS messages may cause excessive CPU load", "datePublic": "2024-02-13T00:00:00Z", "affected": [{"vendor": "ISC", "product": "BIND 9", "versions": [{"version": "9.0.0", "lessThanOrEqual": "9.16.45", "status": "affected", "versionType": "custom"}, {"version": "9.18.0", "lessThanOrEqual": "9.18.21", "status": "affected", "versionType": "custom"}, {"version": "9.19.0", "lessThanOrEqual": "9.19.19", "status": "affected", "versionType": "custom"}, {"version": "9.9.3-S1", "lessThanOrEqual": "9.11.37-S1", "status": "affected", "versionType": "custom"}, {"version": "9.16.8-S1", "lessThanOrEqual": "9.16.45-S1", "status": "affected", "versionType": "custom"}, {"version": "9.18.11-S1", "lessThanOrEqual": "9.18.21-S1", "status": "affected", "versionType": "custom"}], "defaultStatus": "unaffected"}], "metrics": [{"cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 7.5, "baseSeverity": "HIGH"}}], "descriptions": [{"lang": "en", "value": "The DNS message parsing code in `named` includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected `named` instance by exploiting this flaw. This issue affects both authoritative servers and recursive resolvers.\nThis issue affects BIND 9 versions 9.0.0 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1."}], "impacts": [{"descriptions": [{"lang": "en", "value": "By flooding the target server with queries exploiting this flaw an attacker can significantly impair the server's performance, effectively denying legitimate clients access to the DNS resolution service."}]}], "workarounds": [{"lang": "en", "value": "No workarounds known."}], "exploits": [{"lang": "en", "value": "We are not aware of any active exploits."}], "solutions": [{"lang": "en", "value": "Upgrade to the patched release most closely related to your current version of BIND 9: 9.16.48, 9.18.24, 9.19.21, 9.16.48-S1, or 9.18.24-S1."}], "credits": [{"lang": "en", "value": "ISC would like to thank Shoham Danino from Reichman University, Anat Bremler-Barr from Tel-Aviv University, Yehuda Afek from Tel-Aviv University, and Yuval Shavitt from Tel-Aviv University for bringing this vulnerability to our attention."}], "references": [{"url": "https://kb.isc.org/docs/cve-2023-4408", "name": "CVE-2023-4408", "tags": ["vendor-advisory"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/02/13/1"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/"}, {"url": "https://security.netapp.com/advisory/ntap-20240426-0001/"}], "source": {"discovery": "EXTERNAL"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-4408", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-21T20:37:05.447060Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:27:16.918Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:24:04.673Z"}, "title": "CVE Program Container", "references": [{"url": "https://kb.isc.org/docs/cve-2023-4408", "name": "CVE-2023-4408", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/02/13/1", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20240426-0001/", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://kb.isc.org/docs/cve-2023-4408", "name": "CVE-2023-4408", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/02/13/1", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20240426-0001/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:24:04.673Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-4408", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-21T20:37:05.447060Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:12.582Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "Parsing large DNS messages may cause excessive CPU load", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "value": "ISC would like to thank Shoham Danino from Reichman University, Anat Bremler-Barr from Tel-Aviv University, Yehuda Afek from Tel-Aviv University, and Yuval Shavitt from Tel-Aviv University for bringing this vulnerability to our attention."}], "impacts": [{"descriptions": [{"lang": "en", "value": "By flooding the target server with queries exploiting this flaw an attacker can significantly impair the server's performance, effectively denying legitimate clients access to the DNS resolution service."}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "ISC", "product": "BIND 9", "versions": [{"status": "affected", "version": "9.0.0", "versionType": "custom", "lessThanOrEqual": "9.16.45"}, {"status": "affected", "version": "9.18.0", "versionType": "custom", "lessThanOrEqual": "9.18.21"}, {"status": "affected", "version": "9.19.0", "versionType": "custom", "lessThanOrEqual": "9.19.19"}, {"status": "affected", "version": "9.9.3-S1", "versionType": "custom", "lessThanOrEqual": "9.11.37-S1"}, {"status": "affected", "version": "9.16.8-S1", "versionType": "custom", "lessThanOrEqual": "9.16.45-S1"}, {"status": "affected", "version": "9.18.11-S1", "versionType": "custom", "lessThanOrEqual": "9.18.21-S1"}], "defaultStatus": "unaffected"}], "exploits": [{"lang": "en", "value": "We are not aware of any active exploits."}], "solutions": [{"lang": "en", "value": "Upgrade to the patched release most closely related to your current version of BIND 9: 9.16.48, 9.18.24, 9.19.21, 9.16.48-S1, or 9.18.24-S1."}], "datePublic": "2024-02-13T00:00:00Z", "references": [{"url": "https://kb.isc.org/docs/cve-2023-4408", "name": "CVE-2023-4408", "tags": ["vendor-advisory"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/02/13/1"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/"}, {"url": "https://security.netapp.com/advisory/ntap-20240426-0001/"}], "workarounds": [{"lang": "en", "value": "No workarounds known."}], "descriptions": [{"lang": "en", "value": "The DNS message parsing code in `named` includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected `named` instance by exploiting this flaw. This issue affects both authoritative servers and recursive resolvers.\nThis issue affects BIND 9 versions 9.0.0 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1."}], "providerMetadata": {"orgId": "404fd4d2-a609-4245-b543-2c944a302a22", "shortName": "isc", "dateUpdated": "2024-02-13T14:04:17.519Z"}}}, "cveMetadata": {"cveId": "CVE-2023-4408", "state": "PUBLISHED", "dateUpdated": "2024-08-02T07:24:04.673Z", "dateReserved": "2023-08-18T07:59:28.420Z", "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22", "datePublished": "2024-02-13T14:04:17.519Z", "assignerShortName": "isc"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The DNS message parsing code in `named` includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected `named` instance by exploiting this flaw. This issue affects both authoritative servers and recursive resolvers.\nThis issue affects BIND 9 versions 9.0.0 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1."}, {"lang": "es", "value": "El c\u00f3digo de an\u00e1lisis de mensajes DNS en \"named\" incluye una secci\u00f3n cuya complejidad computacional es demasiado alta. No causa problemas para el tr\u00e1fico DNS t\u00edpico, pero las consultas y respuestas manipuladas pueden causar una carga excesiva de la CPU en la instancia \"nombrada\" afectada al explotar esta falla. Este problema afecta tanto a los servidores autorizados como a los solucionadores recursivos. Este problema afecta a las versiones de BIND 9, 9.0.0 a 9.16.45, 9.18.0 a 9.18.21, 9.19.0 a 9.19.19, 9.9.3-S1 a 9.11.37-S1, 9.16.8-S1 a 9.16. 45-S1 y 9.18.11-S1 a 9.18.21-S1."}], "id": "CVE-2023-4408", "lastModified": "2024-04-26T09:15:08.727", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security-officer@isc.org", "type": "Primary"}]}, "published": "2024-02-13T14:15:45.253", "references": [{"source": "security-officer@isc.org", "url": "http://www.openwall.com/lists/oss-security/2024/02/13/1"}, {"source": "security-officer@isc.org", "url": "https://kb.isc.org/docs/cve-2023-4408"}, {"source": "security-officer@isc.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/"}, {"source": "security-officer@isc.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/"}, {"source": "security-officer@isc.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/"}, {"source": "security-officer@isc.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/"}, {"source": "security-officer@isc.org", "url": "https://security.netapp.com/advisory/ntap-20240426-0001/"}], "sourceIdentifier": "security-officer@isc.org", "vulnStatus": "Awaiting Analysis"}

{"affected_release": [{"advisory": "RHSA-2024:3741", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "bind-32:9.11.4-26.P2.el7_9.16", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2024-06-10T00:00:00Z"}, {"advisory": "RHSA-2024:3741", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "bind-dyndb-ldap-0:11.1-7.el7_9.1", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2024-06-10T00:00:00Z"}, {"advisory": "RHSA-2024:3741", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "dhcp-12:4.2.5-83.el7_9.2", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2024-06-10T00:00:00Z"}, {"advisory": "RHSA-2024:1781", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "bind9.16-32:9.16.23-0.16.el8_9.2", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-04-11T00:00:00Z"}, {"advisory": "RHSA-2024:1782", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "bind-32:9.11.36-11.el8_9.1", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-04-12T00:00:00Z"}, {"advisory": "RHSA-2024:3271", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "bind-32:9.11.36-14.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-05-22T00:00:00Z"}, {"advisory": "RHSA-2024:1782", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "bind-32:9.11.36-11.el8_9.1", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-04-12T00:00:00Z"}, {"advisory": "RHSA-2024:3271", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "bind-32:9.11.36-14.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-05-22T00:00:00Z"}, {"advisory": "RHSA-2024:2890", "cpe": "cpe:/a:redhat:rhel_aus:8.2", "package": "bind-32:9.11.13-6.el8_2.7", "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date": "2024-05-16T00:00:00Z"}, {"advisory": "RHSA-2024:2890", "cpe": "cpe:/a:redhat:rhel_aus:8.2", "package": "dhcp-12:4.3.6-40.el8_2.3", "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date": "2024-05-16T00:00:00Z"}, {"advisory": "RHSA-2024:2821", "cpe": "cpe:/a:redhat:rhel_aus:8.4", "package": "bind-32:9.11.26-4.el8_4.4", "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date": "2024-05-13T00:00:00Z"}, {"advisory": "RHSA-2024:2821", "cpe": "cpe:/a:redhat:rhel_aus:8.4", "package": "dhcp-12:4.3.6-44.el8_4.3", "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date": "2024-05-13T00:00:00Z"}, {"advisory": "RHSA-2024:2821", "cpe": "cpe:/a:redhat:rhel_tus:8.4", "package": "bind-32:9.11.26-4.el8_4.4", "product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "release_date": "2024-05-13T00:00:00Z"}, {"advisory": "RHSA-2024:2821", "cpe": "cpe:/a:redhat:rhel_tus:8.4", "package": "dhcp-12:4.3.6-44.el8_4.3", "product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "release_date": "2024-05-13T00:00:00Z"}, {"advisory": "RHSA-2024:2821", "cpe": "cpe:/a:redhat:rhel_e4s:8.4", "package": "bind-32:9.11.26-4.el8_4.4", "product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "release_date": "2024-05-13T00:00:00Z"}, {"advisory": "RHSA-2024:2821", "cpe": "cpe:/a:redhat:rhel_e4s:8.4", "package": "dhcp-12:4.3.6-44.el8_4.3", "product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "release_date": "2024-05-13T00:00:00Z"}, {"advisory": "RHSA-2024:1647", "cpe": "cpe:/a:redhat:rhel_eus:8.6", "package": "bind9.16-32:9.16.23-0.7.el8_6.5", "product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support", "release_date": "2024-04-02T00:00:00Z"}, {"advisory": "RHSA-2024:2720", "cpe": "cpe:/a:redhat:rhel_eus:8.6", "package": "bind-32:9.11.36-3.el8_6.7", "product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support", "release_date": "2024-05-07T00:00:00Z"}, {"advisory": "RHSA-2024:2720", "cpe": "cpe:/a:redhat:rhel_eus:8.6", "package": "dhcp-12:4.3.6-47.el8_6.2", "product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support", "release_date": "2024-05-07T00:00:00Z"}, {"advisory": "RHSA-2024:1648", "cpe": "cpe:/a:redhat:rhel_eus:8.8", "package": "bind9.16-32:9.16.23-0.14.el8_8.4", "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", "release_date": "2024-04-02T00:00:00Z"}, {"advisory": "RHSA-2024:2721", "cpe": "cpe:/a:redhat:rhel_eus:8.8", "package": "bind-32:9.11.36-8.el8_8.4", "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", "release_date": "2024-05-07T00:00:00Z"}, {"advisory": "RHSA-2024:2721", "cpe": "cpe:/a:redhat:rhel_eus:8.8", "package": "dhcp-12:4.3.6-49.el8_8.1", "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", "release_date": "2024-05-07T00:00:00Z"}, {"advisory": "RHSA-2024:1789", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "bind-32:9.16.23-14.el9_3.4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-04-11T00:00:00Z"}, {"advisory": "RHSA-2024:1789", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "bind-dyndb-ldap-0:11.9-8.el9_3.3", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-04-11T00:00:00Z"}, {"advisory": "RHSA-2024:2551", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "bind-32:9.16.23-18.el9_4.1", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-04-30T00:00:00Z"}, {"advisory": "RHSA-2024:2551", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "bind-dyndb-ldap-0:11.9-9.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-04-30T00:00:00Z"}, {"advisory": "RHSA-2024:1800", "cpe": "cpe:/a:redhat:rhel_eus:9.0", "package": "bind-32:9.16.23-1.el9_0.5", "product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support", "release_date": "2024-04-15T00:00:00Z"}, {"advisory": "RHSA-2024:1800", "cpe": "cpe:/a:redhat:rhel_eus:9.0", "package": "bind-dyndb-ldap-0:11.9-7.el9_0.1", "product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support", "release_date": "2024-04-15T00:00:00Z"}, {"advisory": "RHSA-2024:1803", "cpe": "cpe:/a:redhat:rhel_eus:9.2", "package": "bind-32:9.16.23-11.el9_2.4", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2024-04-15T00:00:00Z"}, {"advisory": "RHSA-2024:1803", "cpe": "cpe:/a:redhat:rhel_eus:9.2", "package": "bind-dyndb-ldap-0:11.9-8.el9_2.2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2024-04-15T00:00:00Z"}], "bugzilla": {"description": "bind9: Parsing large DNS messages may cause excessive CPU load", "id": "2263896", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263896"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-400", "details": ["The DNS message parsing code in `named` includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected `named` instance by exploiting this flaw. This issue affects both authoritative servers and recursive resolvers.\nThis issue affects BIND 9 versions 9.0.0 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.", "A flaw was found in the bind package. This issue may allow a remote attacker with no specific privileges to craft a specially long DNS message leading to an excessive and uncontrolled CPU usage, the server being unavailable, and a Denial of Service."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2023-4408", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Affected", "package_name": "bind", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "dhcp", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-02-13T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-4408\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-4408\nhttps://kb.isc.org/docs/cve-2023-4408"], "statement": "This vulnerability in the DNS message parsing code of BIND is of important severity due to its potential to cause excessive and uncontrolled CPU usage through specially crafted DNS queries or responses. The flaw exposes both authoritative DNS servers and recursive resolvers to Denial of Service (DoS) attacks, where an attacker can exploit the high computational complexity of the parsing routine to overwhelm the server. This can lead to significant degradation of service, rendering the DNS server unresponsive and disrupting network operations.", "threat_severity": "Important", "upstream_fix": "bind 9.16.48, bind 9.18.24, bind 9.19.21"}