An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "1:9.16.1-0ubuntu2.2", "binary_name": "bind9" }, { "binary_version": "1:9.16.1-0ubuntu2.2", "binary_name": "bind9-dbgsym" }, { "binary_version": "1:9.16.1-0ubuntu2.2", "binary_name": "bind9-dnsutils" }, { "binary_version": "1:9.16.1-0ubuntu2.2", "binary_name": "bind9-dnsutils-dbgsym" }, { "binary_version": "1:9.16.1-0ubuntu2.2", "binary_name": "bind9-doc" }, { "binary_version": "1:9.16.1-0ubuntu2.2", "binary_name": "bind9-host" }, { "binary_version": "1:9.16.1-0ubuntu2.2", "binary_name": "bind9-host-dbgsym" }, { "binary_version": "1:9.16.1-0ubuntu2.2", "binary_name": "bind9-libs" }, { "binary_version": "1:9.16.1-0ubuntu2.2", "binary_name": "bind9-libs-dbgsym" }, { "binary_version": "1:9.16.1-0ubuntu2.2", "binary_name": "bind9-utils" }, { "binary_version": "1:9.16.1-0ubuntu2.2", "binary_name": "bind9-utils-dbgsym" }, { "binary_version": "1:9.16.1-0ubuntu2.2", "binary_name": "bind9utils" }, { "binary_version": "1:9.16.1-0ubuntu2.2", "binary_name": "dnsutils" } ] }