CVE-2023-2911

CVE-2023-2911

Name

CVE-2023-2911

Description

If the `recursive-clients` quota is reached on a BIND 9 resolver configured with both `stale-answer-enable yes;` and `stale-answer-client-timeout 0;`, a sequence of serve-stale-related lookups could cause `named` to loop and terminate unexpectedly due to a stack overflow. This issue affects BIND 9 versions 9.16.33 through 9.16.41, 9.18.7 through 9.18.15, 9.16.33-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
MISC	https://kb.isc.org/docs/cve-2023-2911
MISC	http://www.openwall.com/lists/oss-security/2023/06/21/6
MISC	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3K6AJK7RRSR53HRF5GGKPA6PDUDWOD2/
MISC	https://www.debian.org/security/2023/dsa-5439
Mailing List	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEFCEVCTYEMKTWA7V7EYPI5YQQ4JWDLI/
Third Party Advisory	https://security.netapp.com/advisory/ntap-20230703-0010/

Type

URI

MISC

https://kb.isc.org/docs/cve-2023-2911

MISC

http://www.openwall.com/lists/oss-security/2023/06/21/6

MISC

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3K6AJK7RRSR53HRF5GGKPA6PDUDWOD2/

MISC

https://www.debian.org/security/2023/dsa-5439

Mailing List

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEFCEVCTYEMKTWA7V7EYPI5YQQ4JWDLI/

Third Party Advisory

https://security.netapp.com/advisory/ntap-20230703-0010/

Match rules

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:isc:bind:::::supported_preview:::*`	bind	>= 9.18.11	<= 9.18.15
`cpe:2.3:a:isc:bind:::::-:::*`	bind	>= 9.18.7	<= 9.18.15
`cpe:2.3:a:isc:bind:::::supported_preview:::*`	bind	>= 9.16.33	<= 9.16.41

CPE URI

Source package

Min version

Max version

cpe:2.3:a:isc:bind:*:*:*:*:supported_preview:*:*:*

bind

>= 9.18.11

<= 9.18.15

cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*

bind

>= 9.18.7

<= 9.18.15

cpe:2.3:a:isc:bind:*:*:*:*:supported_preview:*:*:*

bind

>= 9.16.33

<= 9.16.41

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
bind	edge-main	9.18.14-r4	Mike Crute <mike@crute.us>	possibly vulnerable
bind	edge-main	9.18.14-r3	Mike Crute <mike@crute.us>	possibly vulnerable
bind	edge-main	9.18.14-r2	Mike Crute <mike@crute.us>	possibly vulnerable
bind	edge-main	9.18.14-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	edge-main	9.18.13-r2	Mike Crute <mike@crute.us>	possibly vulnerable
bind	edge-main	9.18.13-r1	Mike Crute <mike@crute.us>	possibly vulnerable
bind	edge-main	9.18.13-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	edge-main	9.18.11-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	edge-main	9.18.10-r0	None	possibly vulnerable
bind	edge-main	9.18.9-r0	None	possibly vulnerable
bind	edge-main	9.18.8-r0	None	possibly vulnerable
bind	edge-main	9.18.7-r0	None	possibly vulnerable
bind	3.22-main	9.18.11-r0	None	possibly vulnerable
bind	3.22-main	9.18.7-r0	None	possibly vulnerable
bind	3.21-main	9.18.11-r0	None	possibly vulnerable
bind	3.21-main	9.18.7-r0	None	possibly vulnerable
bind	3.20-main	9.18.11-r0	None	possibly vulnerable
bind	3.20-main	9.18.7-r0	None	possibly vulnerable
bind	3.19-main	9.18.11-r0	None	possibly vulnerable
bind	3.19-main	9.18.7-r0	None	possibly vulnerable

Source package

Branch

Version

Maintainer

Status

References

Match rules

Vulnerable and fixed packages