What is the vulnerability ID for the Bind vulnerabilities?

The vulnerability ID for the Bind vulnerabilities is CVE-2023-2828.

What is the impact of the Bind vulnerabilities?

The impact of the Bind vulnerabilities is a possible denial of service due to memory consumption.

Which version of Bind is affected by the vulnerabilities?

The versions of Bind affected by the vulnerabilities are 1:9.18.12-1ubuntu1.1, 1:9.18.12-0ubuntu0.22.10.2, 1:9.18.12-0ubuntu0.22.04.2, and 1:9.16.1-0ubuntu2.15.

How can I fix the Bind vulnerabilities?

To fix the Bind vulnerabilities, update to the following versions: 1:9.18.12-1ubuntu1.1, 1:9.18.12-0ubuntu0.22.10.2, 1:9.18.12-0ubuntu0.22.04.2, or 1:9.16.1-0ubuntu2.15.

Where can I find more information about the Bind vulnerabilities?

You can find more information about the Bind vulnerabilities on the Ubuntu Security Notices website: https://ubuntu.com/security/CVE-2023-2911 and https://ubuntu.com/security/CVE-2023-2828.

Vulnerability/
USN-6183-1

21/6/2023

USN-6183-1: Bind vulnerabilities

First published: Wed Jun 21 2023(Updated: )

Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled the cache size limit. A remote attacker could possibly use this issue to consume memory, leading to a denial of service. (CVE-2023-2828) It was discovered that Bind incorrectly handled the recursive-clients quota. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04. (CVE-2023-2911)

Affected Software	Affected Version	How to fix
All of
ubuntu/bind9	<1:9.18.12-1ubuntu1.1	1:9.18.12-1ubuntu1.1
	=23.04
All of
ubuntu/bind9	<1:9.18.12-0ubuntu0.22.10.2	1:9.18.12-0ubuntu0.22.10.2
	=22.10
All of
ubuntu/bind9	<1:9.18.12-0ubuntu0.22.04.2	1:9.18.12-0ubuntu0.22.04.2
	=22.04
All of
ubuntu/bind9	<1:9.16.1-0ubuntu2.15	1:9.16.1-0ubuntu2.15
	=20.04

Never miss a vulnerability like this again

Reference Links

Child vulnerabilities

(Contains the following vulnerabilities)

Frequently Asked Questions

What is the vulnerability ID for the Bind vulnerabilities?
The vulnerability ID for the Bind vulnerabilities is CVE-2023-2828.
What is the impact of the Bind vulnerabilities?
The impact of the Bind vulnerabilities is a possible denial of service due to memory consumption.
Which version of Bind is affected by the vulnerabilities?
The versions of Bind affected by the vulnerabilities are 1:9.18.12-1ubuntu1.1, 1:9.18.12-0ubuntu0.22.10.2, 1:9.18.12-0ubuntu0.22.04.2, and 1:9.16.1-0ubuntu2.15.
How can I fix the Bind vulnerabilities?
To fix the Bind vulnerabilities, update to the following versions: 1:9.18.12-1ubuntu1.1, 1:9.18.12-0ubuntu0.22.10.2, 1:9.18.12-0ubuntu0.22.04.2, or 1:9.16.1-0ubuntu2.15.
Where can I find more information about the Bind vulnerabilities?
You can find more information about the Bind vulnerabilities on the Ubuntu Security Notices website: https://ubuntu.com/security/CVE-2023-2911 and https://ubuntu.com/security/CVE-2023-2828.

agent/description
agent/event
agent/first-publish-date
agent/last-modified-date
agent/references
agent/severity
agent/softwarecombine
agent/tags
agent/title
agent/type
collector/usn
source/Ubuntu
anchor-related/USN-6183-2
agent/software-canonical-lookup
package-manager/ubuntu
vendor/ubuntu
canonical/ubuntu ubuntu
version/ubuntu ubuntu/23.04
version/ubuntu ubuntu/22.10
version/ubuntu ubuntu/22.04
version/ubuntu ubuntu/20.04