CVE-2015-4620

Priority
Description
name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x
before 9.10.2-P2, when configured as a recursive resolver with DNSSEC
validation, allows remote attackers to cause a denial of service (REQUIRE
assertion failure and daemon exit) by constructing crafted zone data and
then making a query for a name in that zone.
Assigned-to
mdeslaur
Notes
Package
Source: bind9 (LP Ubuntu Debian)
Upstream:released (9.9.7-P1,9.10.2-P2)
Ubuntu 14.04 ESM (Trusty Tahr):released (1:9.9.5.dfsg-3ubuntu0.3)
More Information

Updated: 2020-03-18 22:39:10 UTC (commit 2ea7df7bd1e69e1e489978d2724a936eb3faa1b8)