CVE-2024-1737: BIND's database will be slow if a very large number of RRs exist at the same name
First published: Fri Jul 19 2024(Updated: )
ISC BIND is vulnerable to a denial of service, caused by an error when content is being added or updated in resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname (of any RTYPE). By processing queries, a remote attacker could exploit this vulnerability to cause the database to slow down.
Credit: security-officer@isc.org security-officer@isc.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/bind9 | 1:9.16.50-1~deb11u2 1:9.16.50-1~deb11u1 1:9.18.28-1~deb12u2 1:9.18.33-1~deb12u2 1:9.20.4-4 1:9.20.5-1 |
Remedy
Upgrade to the patched release most closely related to your current version of BIND 9: 9.18.28, 9.20.0, or 9.18.28-S1.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.theregister.com/2024/07/29/infosec_roundup/
- http://www.openwall.com/lists/oss-security/2024/07/23/1
- http://www.openwall.com/lists/oss-security/2024/07/31/2
- https://kb.isc.org/docs/cve-2024-1737
- https://kb.isc.org/docs/rrset-limits-in-zones
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1737
- https://nvd.nist.gov/vuln/detail/CVE-2024-1737
- https://launchpad.net/bugs/cve/CVE-2024-1737
- https://security-tracker.debian.org/tracker/CVE-2024-1737
- https://ubuntu.com/security/CVE-2024-1737
- https://security.netapp.com/advisory/ntap-20240731-0003/
- https://access.redhat.com/errata/RHSA-2024:5231
- https://access.redhat.com/errata/RHSA-2024:5390
- https://access.redhat.com/errata/RHSA-2024:5418
- https://access.redhat.com/errata/RHSA-2024:5525
- https://access.redhat.com/errata/RHSA-2024:5524
- https://access.redhat.com/errata/RHSA-2024:5655
- https://access.redhat.com/errata/RHSA-2024:5813
- https://access.redhat.com/errata/RHSA-2024:5838
- https://access.redhat.com/errata/RHSA-2024:5871
- https://access.redhat.com/errata/RHSA-2024:5894
- https://access.redhat.com/errata/RHSA-2024:5907
- https://access.redhat.com/errata/RHSA-2024:5908
- https://access.redhat.com/errata/RHSA-2024:5930
- https://access.redhat.com/errata/RHSA-2024:6004
- https://access.redhat.com/errata/RHSA-2024:6009
- https://access.redhat.com/errata/RHSA-2024:6013
- https://access.redhat.com/errata/RHSA-2024:6406
- https://access.redhat.com/errata/RHSA-2024:6642
- https://bugzilla.redhat.com/show_bug.cgi?id=2298893
- https://www.ibm.com/support/pages/node/7182403 (Advisory)
Frequently Asked Questions
What is the severity of CVE-2024-1737?
CVE-2024-1737 is rated as a moderate severity vulnerability due to performance degradation issues.
How do I fix CVE-2024-1737?
To fix CVE-2024-1737, update to the latest version of the BIND9 package that addresses the performance issues.
Which versions of BIND9 are affected by CVE-2024-1737?
CVE-2024-1737 affects BIND9 versions 1:9.16.50-1~deb11u2, 1:9.16.50-1~deb11u1, 1:9.18.28-1~deb12u2, 1:9.20.4-3, and 1:9.20.4-4.
What type of systems are impacted by CVE-2024-1737?
CVE-2024-1737 impacts systems running the BIND9 DNS server software.
Can CVE-2024-1737 lead to denial of service conditions?
While CVE-2024-1737 primarily affects performance, degraded responsiveness may lead to service availability issues.
- agent/remedy
- agent/title
- agent/type
- collector/oss-sec
- source/oss-sec
- alias/CVE-2024-0760
- alias/CVE-2024-1737
- alias/CVE-2024-1975
- alias/CVE-2024-4076
- agent/author
- collector/the-register
- source/The Register
- collector/nvd-api
- source/NVD
- agent/weakness
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/first-publish-date
- collector/usn-cve
- source/Ubuntu
- agent/description
- collector/nvd-cve
- agent/references
- agent/trending
- agent/source
- agent/tags
- agent/event
- agent/softwarecombine
- collector/redhat-bugzilla
- source/Red Hat
- agent/last-modified-date
- collector/security-tracker-debian
- source/Debian
- collector/ibm-support
- source/IBM
- package-manager/debian