CVE-2020-8621

Priority
Description
In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with
both QNAME minimization and 'forward first' then an attacker who can send
queries to it may be able to trigger the condition that will cause the
server to crash. Servers that 'forward only' are not affected.
Assigned-to
mdeslaur
Notes
amurrayAffects versions 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3
Package
Source: bind9 (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):not-affected (code not present)
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (code not present)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (code not present)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (code not present)
Ubuntu 20.04 LTS (Focal Fossa):released (1:9.16.1-0ubuntu2.3)
Ubuntu 20.10 (Groovy Gorilla):released (1:9.16.6-2ubuntu1)
More Information

Updated: 2020-09-10 06:38:11 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)