UBUNTU-CVE-2020-8621

Source
https://ubuntu.com/security/CVE-2020-8621
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-8621.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2020-8621
Related
Published
2020-08-20T00:00:00Z
Modified
2020-08-20T00:00:00Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME minimization and 'forward first' then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Servers that 'forward only' are not affected.

References

Affected packages

Ubuntu:20.04:LTS / bind9

Package

Name
bind9
Purl
pkg:deb/ubuntu/bind9?arch=src?distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:9.16.1-0ubuntu2.3

Affected versions

1:9.*

1:9.11.5.P4+dfsg-5.1ubuntu2
1:9.11.5.P4+dfsg-5.1ubuntu3
1:9.11.5.P4+dfsg-5.1ubuntu4
1:9.11.5.P4+dfsg-5.1ubuntu5
1:9.11.14+dfsg-1ubuntu1
1:9.11.14+dfsg-3ubuntu1
1:9.16.0-1ubuntu3
1:9.16.0-1ubuntu4
1:9.16.0-1ubuntu5
1:9.16.1-0ubuntu1
1:9.16.1-0ubuntu2
1:9.16.1-0ubuntu2.1
1:9.16.1-0ubuntu2.2

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "1:9.16.1-0ubuntu2.3",
            "binary_name": "bind9"
        },
        {
            "binary_version": "1:9.16.1-0ubuntu2.3",
            "binary_name": "bind9-dbgsym"
        },
        {
            "binary_version": "1:9.16.1-0ubuntu2.3",
            "binary_name": "bind9-dnsutils"
        },
        {
            "binary_version": "1:9.16.1-0ubuntu2.3",
            "binary_name": "bind9-dnsutils-dbgsym"
        },
        {
            "binary_version": "1:9.16.1-0ubuntu2.3",
            "binary_name": "bind9-doc"
        },
        {
            "binary_version": "1:9.16.1-0ubuntu2.3",
            "binary_name": "bind9-host"
        },
        {
            "binary_version": "1:9.16.1-0ubuntu2.3",
            "binary_name": "bind9-host-dbgsym"
        },
        {
            "binary_version": "1:9.16.1-0ubuntu2.3",
            "binary_name": "bind9-libs"
        },
        {
            "binary_version": "1:9.16.1-0ubuntu2.3",
            "binary_name": "bind9-libs-dbgsym"
        },
        {
            "binary_version": "1:9.16.1-0ubuntu2.3",
            "binary_name": "bind9-utils"
        },
        {
            "binary_version": "1:9.16.1-0ubuntu2.3",
            "binary_name": "bind9-utils-dbgsym"
        },
        {
            "binary_version": "1:9.16.1-0ubuntu2.3",
            "binary_name": "bind9utils"
        },
        {
            "binary_version": "1:9.16.1-0ubuntu2.3",
            "binary_name": "dnsutils"
        }
    ]
}