What is the severity of CVE-2024-11187?

CVE-2024-11187 has been classified with a high severity rating due to potential denial of service impacts.

How do I fix CVE-2024-11187?

To resolve CVE-2024-11187, upgrade to secure versions 1:9.18.33-1~deb12u2 or 1:9.20.5-1 of the bind9 package.

What software is affected by CVE-2024-11187?

CVE-2024-11187 affects the bind9 package versions up to 1:9.16.50-1~deb11u2, 1:9.18.28-1~deb12u2, and 1:9.20.4-4.

Can CVE-2024-11187 be exploited remotely?

Yes, CVE-2024-11187 can potentially be exploited remotely by attackers sending specially crafted queries.

What are the consequences of CVE-2024-11187 exploitation?

Exploitation of CVE-2024-11187 may result in excessive resource consumption leading to service disruptions.

Vulnerability/
CVE-2024-11187

high

7.5

CWE

405

29/1/2025

15/4/2025

22/4/2025

CVE-2024-11187: Many records in the additional section cause CPU exhaustion

First published: Wed Jan 29 2025(Updated: )

It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An attacker sending many such queries can cause either the authoritative server itself or an independent resolver to use disproportionate resources processing the queries. Zones will usually need to have been deliberately crafted to attack this exposure.

Credit: security-officer@isc.org security-officer@isc.org

Affected Software	Affected Version	How to fix
debian/bind9	<=1:9.16.50-1~deb11u2<=1:9.16.50-1~deb11u1<=1:9.18.28-1~deb12u2<=1:9.20.4-4	1:9.18.33-1~deb12u2 1:9.20.5-1
F5 BIG-IP and BIG-IQ Centralized Management	=17.5.0>=17.1.0<=17.1.2
F5 BIG-IP and BIG-IQ Centralized Management	>=16.1.0<=16.1.5
F5 BIG-IP and BIG-IQ Centralized Management	>=15.1.0<=15.1.10

Remedy

Upgrade to the patched release most closely related to your current version of BIND 9: 9.18.33, 9.20.5, 9.21.4, or 9.18.33-S1.

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-11187?
CVE-2024-11187 has been classified with a high severity rating due to potential denial of service impacts.
How do I fix CVE-2024-11187?
To resolve CVE-2024-11187, upgrade to secure versions 1:9.18.33-1~deb12u2 or 1:9.20.5-1 of the bind9 package.
What software is affected by CVE-2024-11187?
CVE-2024-11187 affects the bind9 package versions up to 1:9.16.50-1~deb11u2, 1:9.18.28-1~deb12u2, and 1:9.20.4-4.
Can CVE-2024-11187 be exploited remotely?
Yes, CVE-2024-11187 can potentially be exploited remotely by attackers sending specially crafted queries.
What are the consequences of CVE-2024-11187 exploitation?
Exploitation of CVE-2024-11187 may result in excessive resource consumption leading to service disruptions.

collector/oss-sec
source/oss-sec
alias/CVE-2024-11187
alias/CVE-2024-12705
agent/title
agent/remedy
agent/weakness
agent/type
agent/first-publish-date
collector/usn-cve
source/Ubuntu
collector/nvd-cve
source/NVD
agent/author
agent/softwarecombine
collector/security-tracker-debian
source/Debian
agent/software-canonical-lookup
collector/nvd-api
collector/mitre-cve
source/MITRE
agent/severity
agent/source
agent/description
agent/event
collector/redhat-bugzilla
source/Red Hat
agent/last-modified-date
agent/references
agent/tags
collector/f5-advisory
source/F5
package-manager/debian
vendor/f5
canonical/f5 big-ip and big-iq centralized management
version/f5 big-ip and big-iq centralized management/17.5.0
version/f5 big-ip and big-iq centralized management/17.1.0
version/f5 big-ip and big-iq centralized management/17.1.2
version/f5 big-ip and big-iq centralized management/16.1.0
version/f5 big-ip and big-iq centralized management/16.1.5
version/f5 big-ip and big-iq centralized management/15.1.0
version/f5 big-ip and big-iq centralized management/15.1.10