CVE-2024-1975

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-1975

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-1975.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-1975

Downstream

ALPINE-CVE-2024-1975

BELL-CVE-2024-1975

DEBIAN-CVE-2024-1975

DSA-5734-1

OESA-2024-1969

OESA-2024-1970

OESA-2024-1971

OESA-2024-1972

OESA-2024-1973

OESA-2024-2390

RHSA-2024:5231

RHSA-2024:5390

RHSA-2024:5418

RHSA-2024:5524

RHSA-2024:5525

RHSA-2024:5655

RHSA-2024:5813

RHSA-2024:5838

RHSA-2024:5871

RHSA-2024:5894

RHSA-2024:5907

RHSA-2024:5908

RHSA-2024:5930

RLSA-2024:5390

RLSA-2024:5524

SUSE-SU-2024:2636-1

SUSE-SU-2024:2810-1

SUSE-SU-2024:2811-1

SUSE-SU-2024:2862-1

SUSE-SU-2024:2863-1

SUSE-SU-2024:2868-1

UBUNTU-CVE-2024-1975

USN-6909-1

USN-6909-2

USN-6909-3

openSUSE-SU-2024:14217-1

Related

Published

2024-07-23T15:15:03Z

Modified

2025-08-09T19:01:29Z

Summary

[none]

Details

If a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a "KEY" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG(0) signed requests. This issue affects BIND 9 versions 9.0.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.49-S1, and 9.18.11-S1 through 9.18.27-S1.

References

Affected packages