CVE-2024-1737

Name
CVE-2024-1737
Description
Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname (of any RTYPE) can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.4-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1.
NVD Severity
medium

References

| Type | URI |
|---|---|
| vendor-advisory | https://kb.isc.org/docs/cve-2024-1737 |
| related | https://kb.isc.org/docs/rrset-limits-in-zones |
| | http://www.openwall.com/lists/oss-security/2024/07/23/1 |
| | http://www.openwall.com/lists/oss-security/2024/07/31/2 |

Match rules

CPE URI Source package Min version Max version
bind-9 >= 9.11.0 <= 9.11.37
bind-9 >= 9.16.0 <= 9.16.50
bind-9 >= 9.18.0 <= 9.18.27
bind-9 >= 9.19.0 <= 9.19.24
bind-9 >= 9.11.4-S1 <= 9.11.37-S1
bind-9 >= 9.16.8-S1 <= 9.16.50-S1
bind-9 >= 9.18.11-S1 <= 9.18.27-S1

Vulnerable and fixed packages

| Source package | Branch | Version | Maintainer | Status |
|---|---|---|---|---|
| bind | 3.20-main | 9.18.31-r0 | Mike Crute <mike@crute.us> | fixed |
| bind | 3.19-main | 9.18.31-r0 | Mike Crute <mike@crute.us> | fixed |
| bind | 3.18-main | 9.18.31-r0 | Mike Crute <mike@crute.us> | fixed |
| bind | 3.17-main | 9.18.31-r0 | None | fixed |