Vulnerabilities Identified and Patched in BIND 9 DNS Software

Home/Internet Security, malicious cyber actors, Malware, Security Advisory, Security Update, vulnerability/Vulnerabilities Identified and Patched in BIND 9 DNS Software

Vulnerabilities Identified and Patched in BIND 9 DNS Software

The BIND 9 DNS software suite, an integral part of the Domain Name System (DNS), has recently received updates to neutralize three high-priority vulnerabilities. This could potentially induce significant service interruptions. The formal designations for these vulnerabilities are CVE-2023-2828, CVE-2023-2829, and CVE-2023-2911.

CVE-2023-2828 Vulnerability

The first vulnerability, CVE-2023-2828, can be exploited to consume all available memory. It involves a function called ‘named’ within BIND , which is responsible for cleaning memory cache to prevent it from reaching its maximum value. 

CVE-2023-2829 Vulnerability

The second vulnerability, CVE-2023-2829, affects “named” instances that are configured to function as a DNSSEC-validating recursive resolver, with the “Aggressive Use of DNSSEC-Validated Cache” (RFC 8198) option enabled.

CVE-2023-2911 Vulnerability

The third, CVE-2023-2911, holds particular attention due to its impact and its potential exploitability. This vulnerability could cause the “named” function, BIND’s daemon that operates both as a recursive resolver and an authoritative name server, to terminate unexpectedly when exposed to specific queries. 

Mitigation

Network administrators and security teams are strongly advised to review their current BIND configurations, consider the potential impacts of these vulnerabilities, and apply the recommended patches or workarounds.

‍Follow Us on: Twitter, InstagramFacebook to get the latest security news!

About the Author:

FirstHackersNews- Identifies Security

Leave A Comment

Subscribe to our newsletter to receive security tips everday!