#VU77612 Resource exhaustion in ISC BIND


Published: 2023-06-21

Vulnerability identifier: #VU77612

Vulnerability risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-2828

CWE-ID: CWE-400

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
ISC BIND
Server applications / DNS servers

Vendor: ISC

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources. A remote attacker can cause the amount of memory used by a named resolver to go well beyond the configured max-cache-size limit. The effectiveness of the attack depends on a number of factors (e.g. query load, query patterns), but since the default value of the max-cache-size statement is 90%, in the worst case the attacker can exhaust all available memory on the host running named, leading to a denial-of-service condition.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

ISC BIND: 9.11.0 - 9.19.13

External links
http://kb.isc.org/docs/cve-2023-2828

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


SUSE update for bind
Multiple vulnerabilities in IBM QRadar Network Packet Capture
Multiple vulnerabilities in IBM Cloud Pak for Watson AIOps
Multiple vulnerabilities in Juniper Networks Session Smart Router
Multiple vulnerabilities in IBM Operational Decision Manager
Multiple vulnerabilities in IBM Netcool Operations Insight
Multiple vulnerabilities in Index Engines CyberSense
Multiple vulnerabilities in Dell ECS
Multiple vulnerabilities in IBM Storage Defender - Data Protect
Multiple vulnerabilities in IBM Cloud Pak for Business Automation