Unrated severity · NVD Advisory · Published Apr 29, 2021 · Updated Sep 16, 2024
An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself
CVE-2021-25215
Description
In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record triggering the flaw described above, the named process will terminate due to a failed assertion check. The vulnerability affects all currently maintained BIND 9 branches (9.11, 9.11-S, 9.16, 9.16-S, 9.17) as well as all other versions of BIND 9.
Affected products (50)
osv-coords (49 versions):
- pkg:apk/chainguard/bind (no CPE), range: < 0
- pkg:apk/chainguard/bind-dev (no CPE), range: < 0
- pkg:apk/chainguard/bind-dnssec-root (no CPE), range: < 0
- pkg:apk/chainguard/bind-dnssec-tools (no CPE), range: < 0
- pkg:apk/chainguard/bind-doc (no CPE), range: < 0
- pkg:apk/chainguard/bind-libs (no CPE), range: < 0
- pkg:apk/chainguard/bind-plugins (no CPE), range: < 0
- pkg:apk/chainguard/bind-tools (no CPE), range: < 0
- pkg:apk/wolfi/bind (no CPE), range: < 0
- pkg:apk/wolfi/bind-dev (no CPE), range: < 0
- pkg:apk/wolfi/bind-dnssec-root (no CPE), range: < 0
- pkg:apk/wolfi/bind-dnssec-tools (no CPE), range: < 0
- pkg:apk/wolfi/bind-doc (no CPE), range: < 0
- pkg:apk/wolfi/bind-libs (no CPE), range: < 0
- pkg:apk/wolfi/bind-plugins (no CPE), range: < 0
- pkg:apk/wolfi/bind-tools (no CPE), range: < 0
- pkg:rpm/suse/bind&distro=HPE%20Helion%20OpenStack%208 (no CPE), range: < 9.9.9P1-63.25.1
- pkg:rpm/suse/bind&distro=SUSE%20Enterprise%20Storage%206 (no CPE), range: < 9.16.6-12.49.1
- pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOS (no CPE), range: < 9.16.6-12.49.1
- pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSS (no CPE), range: < 9.16.6-12.49.1
- pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOS (no CPE), range: < 9.16.6-12.49.1
- pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSS (no CPE), range: < 9.16.6-12.49.1
- pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2 (no CPE), range: < 9.16.6-12.49.1
- pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3 (no CPE), range: < 9.16.6-22.7.1
- pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP2 (no CPE), range: < 9.16.6-12.49.1
- pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP3 (no CPE), range: < 9.16.6-22.7.1
- pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3 (no CPE), range: < 9.9.6P1-0.51.26.1
- pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS (no CPE), range: < 9.9.6P1-0.51.26.1
- pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL (no CPE), range: < 9.9.9P1-63.25.1
- pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCL (no CPE), range: < 9.9.9P1-63.25.1
- pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSS (no CPE), range: < 9.9.9P1-63.25.1
- pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSS (no CPE), range: < 9.11.22-3.34.1
- pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5 (no CPE), range: < 9.11.22-3.34.1
- pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCL (no CPE), range: < 9.16.6-12.49.1
- pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSS (no CPE), range: < 9.16.6-12.49.1
- pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSS (no CPE), range: < 9.16.6-12.49.1
- pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3 (no CPE), range: < 9.9.9P1-63.25.1
- pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4 (no CPE), range: < 9.11.22-3.34.1
- pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5 (no CPE), range: < 9.11.22-3.34.1
- pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015 (no CPE), range: < 9.16.6-12.49.1
- pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1 (no CPE), range: < 9.16.6-12.49.1
- pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5 (no CPE), range: < 9.11.22-3.34.1
- pkg:rpm/suse/bind&distro=SUSE%20Manager%20Proxy%204.0 (no CPE), range: < 9.16.6-12.49.1
- pkg:rpm/suse/bind&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.0 (no CPE), range: < 9.16.6-12.49.1
- pkg:rpm/suse/bind&distro=SUSE%20Manager%20Server%204.0 (no CPE), range: < 9.16.6-12.49.1
- pkg:rpm/suse/bind&distro=SUSE%20OpenStack%20Cloud%208 (no CPE), range: < 9.9.9P1-63.25.1
- pkg:rpm/suse/bind&distro=SUSE%20OpenStack%20Cloud%209 (no CPE), range: < 9.11.22-3.34.1
- pkg:rpm/suse/bind&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208 (no CPE), range: < 9.9.9P1-63.25.1
- pkg:rpm/suse/bind&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209 (no CPE), range: < 9.11.22-3.34.1
- ISC/BIND9 (v5), range: Open Source Branches 9.0 through 9.11, 9.0.0 through versions before 9.11.30
References (12)
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VEC2XG4Q2ODTN2C4CGXEIXU3EUTBMK7L/ (mitre, vendor-advisory, x_refsource_FEDORA)
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDSRPCJQ7MZC6CENH5PO3VQOFI7VSWBE/ (mitre, vendor-advisory, x_refsource_FEDORA)
- www.debian.org/security/2021/dsa-4909 (mitre, vendor-advisory, x_refsource_DEBIAN)
- www.openwall.com/lists/oss-security/2021/04/29/1 (mitre, mailing-list, x_refsource_MLIST)
- www.openwall.com/lists/oss-security/2021/04/29/2 (mitre, mailing-list, x_refsource_MLIST)
- www.openwall.com/lists/oss-security/2021/04/29/3 (mitre, mailing-list, x_refsource_MLIST)
- www.openwall.com/lists/oss-security/2021/04/29/4 (mitre, mailing-list, x_refsource_MLIST)
- cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf (mitre, x_refsource_CONFIRM)
- kb.isc.org/v1/docs/cve-2021-25215 (mitre, x_refsource_CONFIRM)
- lists.debian.org/debian-lts-announce/2021/05/msg00001.html (mitre, mailing-list, x_refsource_MLIST)
- security.netapp.com/advisory/ntap-20210521-0006/ (mitre, x_refsource_CONFIRM)
- www.oracle.com/security-alerts/cpuoct2021.html (mitre, x_refsource_MISC)