First published: Tue Jul 18 2023(Updated: )
USN-6183-1 fixed vulnerabilities in Bind. This update provides the corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled the cache size limit. A remote attacker could possibly use this issue to consume memory, leading to a denial of service. (CVE-2023-2828) It was discovered that Bind incorrectly handled the recursive-clients quota. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04. (CVE-2023-2911)
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/bind9 | <1:9.11.3+dfsg-1ubuntu1.19+esm1 | 1:9.11.3+dfsg-1ubuntu1.19+esm1 |
=18.04 | ||
All of | ||
ubuntu/bind9 | <1:9.10.3.dfsg.P4-8ubuntu1.19+esm6 | 1:9.10.3.dfsg.P4-8ubuntu1.19+esm6 |
=16.04 | ||
All of | ||
ubuntu/bind9 | <1:9.9.5.dfsg-3ubuntu0.19+esm10 | 1:9.9.5.dfsg-3ubuntu0.19+esm10 |
=14.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of USN-6183-2 is CVE-2023-2828.
USN-6183-2 affects the following software: Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS with the Bind package.
The severity of the vulnerability in USN-6183-2 is not mentioned in the provided information.
To fix the vulnerability in USN-6183-2, update the Bind package to the specified versions provided in the reference links.
You can find more information about USN-6183-2 at the following reference links: [https://ubuntu.com/security/CVE-2023-2828](https://ubuntu.com/security/CVE-2023-2828), [https://ubuntu.com/security/notices/USN-6183-1](https://ubuntu.com/security/notices/USN-6183-1), [https://ubuntu.com/security/notices/USN-6183-2](https://ubuntu.com/security/notices/USN-6183-2)