CVE-2024-1737

HIGH7.5

BIND's database will be slow if a very large number of RRs exist at the same name

Published Jul 23, 2024

Modified 11 months ago

No fix available

Details

Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname (of any RTYPE) can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.4-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1.

References

WEBhttp://www.openwall.com/lists/oss-security/2024/07/23/1 WEBhttp://www.openwall.com/lists/oss-security/2024/07/31/2 ADVISORYhttps://kb.isc.org/docs/cve-2024-1737 WEBhttps://kb.isc.org/docs/rrset-limits-in-zones WEBhttps://security.netapp.com/advisory/ntap-20240731-0003/ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2024-1737

CVSS Analysis

CVSS v3.1

7.5

Exploitability

Attack Vector

NetworkAV:N

Attack Complexity

LowAC:L

Privileges Required

NonePR:N

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

NoneC:N

Integrity

NoneI:N

Availability

HighA:H

7.5/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Ecosystems

Timeline

PublishedJul 23, 2024

ModifiedFeb 13, 2025