CVE-2017-3135
MEDIUM5.9EPSS 45.4%bind9 - security update
發布日:2019/1/16修改日:2026/4/28
描述
Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -> 9.9.9-S7, 9.9.3 -> 9.9.9-P5, 9.9.10b1, 9.10.0 -> 9.10.4-P5, 9.10.5b1, 9.11.0 -> 9.11.0-P2, 9.11.1b1.
受影響套件(4)
- Alpine/bindfrom 0, < 9.10.4_p6-r0
- Debian/bind9from 0, < 1:9.10.3.dfsg.P4-12
- Debian/bind9from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u15
- Debian/bind9from 0, < 1:9.9.5.dfsg-9+deb8u10
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM5.9 | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |