CVE-2023-4408

Source
https://nvd.nist.gov/vuln/detail/CVE-2023-4408
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-4408.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-4408
Downstream
Related
Published
2024-02-13T14:15:45Z
Modified
2025-10-10T04:40:59.126859Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting this flaw. This issue affects both authoritative servers and recursive resolvers. This issue affects BIND 9 versions 9.0.0 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.

References

Affected packages

Git / gitlab.isc.org/isc-projects/bind9

Affected versions

v9.*

v9.18.0
v9.18.10
v9.18.11
v9.18.12
v9.18.13
v9.18.14
v9.18.15
v9.18.16
v9.18.17
v9.18.18
v9.18.19
v9.18.2
v9.18.20
v9.18.21
v9.18.3
v9.18.4
v9.18.5
v9.18.6
v9.18.7
v9.18.8
v9.18.9
v9.19.0
v9.19.1
v9.19.10
v9.19.11
v9.19.12
v9.19.13
v9.19.14
v9.19.15
v9.19.16
v9.19.17
v9.19.18
v9.19.19
v9.19.2
v9.19.3
v9.19.4
v9.19.5
v9.19.6
v9.19.7
v9.19.8
v9.19.9