CVE-2021-25215

HIGH 7.5

Description

In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record triggering the flaw described above, the named process will terminate due to a failed assertion check. The vulnerability affects all currently maintained BIND 9 branches (9.11, 9.11-S, 9.16, 9.16-S, 9.17) as well as all other versions of BIND 9.

CVSS breakdown

CVSS 3.1

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: None
  • Integrity: None
  • Availability: High

Affected products

  • ISC / BIND9 – Open Source Branches 9.0 through 9.11: 9.0.0 through versions before 9.11.30
  • ISC / BIND9 – Open Source Branches 9.12 through 9.16: 9.12.0 through versions before 9.16.14
  • ISC / BIND9 – Supported Preview Branches 9.9-S through 9.11-S: 9.9.3-S1 through versions before 9.11.30-S1
  • ISC / BIND9 – Supported Preview Branch 9.16-S: 9.16.8-S1 through versions before 9.16.14-S1
  • ISC / BIND9 – Development Branch 9.17: 9.17.0 through versions before 9.17.12