The BIND 9 DNS software suite, an integral part of the Domain Name System (DNS), has recently received updates to neutralize three high-priority vulnerabilities. If exploited, these flaws could cause significant service interruptions. The formal designations for these vulnerabilities are CVE-2023-2828, CVE-2023-2829, and CVE-2023-2911.
CVE-2023-2828 Vulnerability
The first vulnerability, CVE-2023-2828, can be exploited to consume all available memory. It involves the routine in “named”, BIND’s daemon, that is responsible for cleaning the memory cache to prevent it from reaching its maximum value.
CVE-2023-2829 Vulnerability
The second vulnerability, CVE-2023-2829, affects “named” instances that are configured to function as a DNSSEC-validating recursive resolver, with the “Aggressive Use of DNSSEC-Validated Cache” (RFC 8198) option enabled.
CVE-2023-2911 Vulnerability
The third, CVE-2023-2911, deserves particular attention because of its impact and its potential exploitability. This vulnerability could cause “named”, BIND’s daemon that operates both as a recursive resolver and an authoritative name server, to terminate unexpectedly when exposed to specific queries.
Mitigation
Network administrators and security teams are strongly advised to review their current BIND configurations, consider the potential impacts of these vulnerabilities, and apply the recommended patches or workarounds.
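As an added example (not from the article or from ISC), the Python check below reads the global options block of a named.conf and reports whether it matches the configuration described above for CVE-2023-2829: a recursive resolver with DNSSEC validation and RFC 8198 aggressive caching enabled. The option names recursion, dnssec-validation and synth-from-dnssec are BIND's; the sample config and function names are constructed, and unset options are flagged for manual review because defaults vary by BIND version.

```python
import re

# Constructed sample named.conf (not from the article), used to exercise the check.
SAMPLE_CONF = """
options {
    directory "/var/named";   // constructed path
    recursion yes;
    dnssec-validation auto;
    /* aggressive use of DNSSEC-validated cache (RFC 8198) */
    synth-from-dnssec yes;
    allow-query { localhost; 192.0.2.0/24; };
};
"""

def options_settings(conf_text):
    """Return the simple `key value;` statements of the global options block."""
    # Strip /* */, // and # comments (assumes no comment markers inside strings).
    text = re.sub(r"/\*.*?\*/", "", conf_text, flags=re.S)
    text = re.sub(r"(//|#)[^\n]*", "", text)
    m = re.search(r"\boptions\s*\{", text)
    if not m:
        return {}
    depth, settings, stmt = 1, {}, ""
    for ch in text[m.end():]:
        if ch == "{":
            depth += 1
        elif ch == "}":
            depth -= 1
            if depth == 0:
                break
        elif ch == ";" and depth == 1:
            parts = stmt.split()
            if len(parts) == 2:          # nested blocks such as allow-query are skipped
                settings[parts[0]] = parts[1].strip('"')
            stmt = ""
            continue
        if depth == 1 and ch not in "{}":
            stmt += ch
    return settings

def matches_cve_2023_2829_condition(conf_text):
    """Return 'match', 'no-match', or 'check-defaults' when an option is unset."""
    s = options_settings(conf_text)
    on = {"yes", "true", "1"}
    wanted = {"recursion": on, "dnssec-validation": on | {"auto"},
              "synth-from-dnssec": on}
    if any(k in s and s[k] not in wanted[k] for k in wanted):
        return "no-match"
    if all(k in s for k in wanted):
        return "match"
    return "check-defaults"  # defaults vary by BIND version; not guessed here
```

Only the global options block is examined; settings overridden inside view blocks need a separate look.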