CVE-2024-1737

Summary

Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname (of any RTYPE) can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.4-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1.

Affected Software

VendorProductVersion RangeStatus
ISCBIND 99.11.0 <= 9.11.37affected
ISCBIND 99.16.0 <= 9.16.50affected
ISCBIND 99.18.0 <= 9.18.27affected
ISCBIND 99.19.0 <= 9.19.24affected
ISCBIND 99.11.4-S1 <= 9.11.37-S1affected
ISCBIND 99.16.8-S1 <= 9.16.50-S1affected
ISCBIND 99.18.11-S1 <= 9.18.27-S1affected

Weaknesses

Workarounds

No workarounds known.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

CVE Program Container

Additional References

References