Candidate: CVE-2016-6171
PublicDate: 2017-02-09 15:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6171
 https://gitlab.labs.nic.cz/labs/knot/merge_requests/541
Description:
 Knot DNS before 2.3.0 allows remote DNS servers to cause a denial of
 service (memory exhaustion and slave server crash) via a large zone
 transfer for (1) DDNS, (2) AXFR, or (3) IXFR.
Ubuntu-Description:
Notes:
Bugs:
 https://gitlab.labs.nic.cz/labs/knot/issues/464
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H [8.6 HIGH]
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H [8.6 HIGH]

Patches_knot:
upstream_knot: needs-triage
precise_knot: DNE
precise/esm_knot: DNE
trusty_knot: ignored (reached end-of-life)
trusty/esm_knot: DNE (trusty was needed)
vivid/stable-phone-overlay_knot: DNE
vivid/ubuntu-core_knot: DNE
wily_knot: ignored (reached end-of-life)
xenial_knot: ignored (end of standard support, was needed)
yakkety_knot: ignored (reached end-of-life)
zesty_knot: ignored (reached end-of-life)
artful_knot: ignored (reached end-of-life)
bionic_knot: not-affected (2.3.0-1)
cosmic_knot: not-affected (2.3.0-1)
disco_knot: not-affected (2.3.0-1)
eoan_knot: not-affected (2.3.0-1)
focal_knot: not-affected (2.3.0-1)
groovy_knot: not-affected (2.3.0-1)
hirsute_knot: not-affected (2.3.0-1)
impish_knot: not-affected (2.3.0-1)
jammy_knot: not-affected (2.3.0-1)
devel_knot: not-affected (2.3.0-1)