High-Severity DoS Vulnerabilities in BIND Software Suite Addressed by ISC
July 26, 2024
The Internet Systems Consortium (ISC) has released updates for BIND, a DNS software suite, to rectify high-severity DoS vulnerabilities. If exploited remotely, these vulnerabilities could cause disruptions to DNS services.
The four vulnerabilities addressed by ISC each have a high-severity rating, with a CVSS score of 7.5. They are tracked as CVE-2024-0760, CVE-2024-1737, CVE-2024-1975, and CVE-2024-4076.
The first vulnerability, CVE-2024-4076, present in BIND 9, can trigger an assertion failure when stale data is served alongside lookups in local authoritative zone data. It affects specific versions of BIND 9.
The second vulnerability, CVE-2024-1975, also in BIND 9, allows clients to drain CPU resources by sending a stream of SIG(0) signed requests if the server hosts a “KEY” Resource Record or the resolver DNSSEC-validates such a record in cache. This vulnerability impacts various versions of BIND 9.
The third vulnerability, CVE-2024-1737, is a performance issue in BIND 9 that can occur when resolver caches or authoritative zone databases contain many resource records (RRs) for the same hostname. This flaw affects the addition or updating of content and the handling of client queries. It impacts several versions of BIND 9.
The fourth vulnerability, CVE-2024-0760, exists in certain versions of BIND 9. It allows a malicious client to send numerous DNS messages over TCP, potentially destabilizing the server during the attack. The server may recover once the attack stops. Using Access Control Lists (ACLs) does not mitigate this issue.
ISC has stated that it is not aware of any public exploits for these flaws or attacks exploiting these vulnerabilities in the wild.
Latest News
- Massive 'PKFail' Secure Boot Bypass Threatens Millions of Devices
- Acronis Alerts Users on Cyber Infrastructure Default Password Exploitation
- Exploitation of Critical ServiceNow Flaws for Data Theft: A Rising Concern
- Critical Remote Code Execution Vulnerability in Telerik Report Server: Urgent Patch Required
- Google Cloud Platform's 'ConfusedFunction' Vulnerability Uncovered by Cybersecurity Researchers
Like what you see?
Get a digest of headlines, vulnerabilities, risk context, and more delivered to your inbox.