CVE-2016-2776

Priority
Medium
Description
buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3,
and 9.11.x before 9.11.0rc3 does not properly construct responses, which
allows remote attackers to cause a denial of service (assertion failure and
daemon exit) via a crafted query.
References
Bugs
Assigned-to
mdeslaur
Package
Source: bind9 (LP Ubuntu Debian)
Upstream:released (9.9.9-P3,9.10.4-P3,9.11.0rc3)
Ubuntu 17.10 (Artful Aardvark):released (1:9.10.3.dfsg.P4-10.1ubuntu1)
Ubuntu 12.04 ESM (Precise Pangolin):released (1:9.8.1.dfsg.P1-4ubuntu0.17)
Ubuntu 14.04 LTS (Trusty Tahr):released (1:9.9.5.dfsg-3ubuntu0.9)
Ubuntu Core 15.04:needed
Ubuntu 16.04 LTS (Xenial Xerus):released (1:9.10.3.dfsg.P4-8ubuntu1.1)
Ubuntu 17.04 (Zesty Zapus):released (1:9.10.3.dfsg.P4-10.1ubuntu1)
More Information

Updated: 2017-08-11 23:20:10 UTC (commit 13081)