CVE-2023-5680: Cleaning an ECS-enabled cache may cause excessive CPU load
First published: Tue Feb 13 2024(Updated: )
If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance. This issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.
Credit: security-officer@isc.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ISC BIND | =9.11.3-s1 | |
| ISC BIND | =9.11.3-s4 | |
| ISC BIND | =9.11.4-s1 | |
| ISC BIND | =9.11.5-s3 | |
| ISC BIND | =9.11.5-s5 | |
| ISC BIND | =9.11.5-s6 | |
| ISC BIND | =9.11.6-s1 | |
| ISC BIND | =9.11.7-s1 | |
| ISC BIND | =9.11.8-s1 | |
| ISC BIND | =9.11.12-s1 | |
| ISC BIND | =9.11.21-s1 | |
| ISC BIND | =9.11.27-s1 | |
| ISC BIND | =9.11.29-s1 | |
| ISC BIND | =9.11.35-s1 | |
| ISC BIND | =9.11.37-s1 | |
| ISC BIND | =9.16.8-s1 | |
| ISC BIND | =9.16.11-s1 | |
| ISC BIND | =9.16.12-s1 | |
| ISC BIND | =9.16.13-s1 | |
| ISC BIND | =9.16.14-s1 | |
| ISC BIND | =9.16.21-s1 | |
| ISC BIND | =9.16.32-s1 | |
| ISC BIND | =9.16.36-s1 | |
| ISC BIND | =9.16.43-s1 | |
| ISC BIND | =9.18.11-s1 | |
| ISC BIND | =9.18.18-s1 | |
| ISC BIND | =9.18.21-s1 | |
| Netapp Active Iq Unified Manager Vmware Vsphere |
Remedy
Upgrade to the patched release most closely related to your current version of BIND 9: 9.16.48-S1 or 9.18.24-S1.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/author
- agent/remedy
- agent/title
- agent/severity
- agent/type
- agent/description
- agent/first-publish-date
- agent/references
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/event
- vendor/isc
- canonical/isc bind
- version/isc bind/9.11.3-s1
- version/isc bind/9.11.3-s4
- version/isc bind/9.11.4-s1
- version/isc bind/9.11.5-s3
- version/isc bind/9.11.5-s5
- version/isc bind/9.11.5-s6
- version/isc bind/9.11.6-s1
- version/isc bind/9.11.7-s1
- version/isc bind/9.11.8-s1
- version/isc bind/9.11.12-s1
- version/isc bind/9.11.21-s1
- version/isc bind/9.11.27-s1
- version/isc bind/9.11.29-s1
- version/isc bind/9.11.35-s1
- version/isc bind/9.11.37-s1
- version/isc bind/9.16.8-s1
- version/isc bind/9.16.11-s1
- version/isc bind/9.16.12-s1
- version/isc bind/9.16.13-s1
- version/isc bind/9.16.14-s1
- version/isc bind/9.16.21-s1
- version/isc bind/9.16.32-s1
- version/isc bind/9.16.36-s1
- version/isc bind/9.16.43-s1
- version/isc bind/9.18.11-s1
- version/isc bind/9.18.18-s1
- version/isc bind/9.18.21-s1
- vendor/netapp
- canonical/netapp active iq unified manager vmware vsphere