High severity7.5NVD Advisory· Published Feb 13, 2024· Updated Jun 17, 2026
CVE-2023-4408
CVE-2023-4408
Description
The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting this flaw. This issue affects both authoritative servers and recursive resolvers. This issue affects BIND 9 versions 9.0.0 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
749.0.0 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1+ 1 more
- (no CPE)range: 9.0.0 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1
- (no CPE)range: 9.0.0
- osv-coords72 versionspkg:apk/chainguard/bindpkg:apk/chainguard/bind-devpkg:apk/chainguard/bind-dnssec-rootpkg:apk/chainguard/bind-dnssec-toolspkg:apk/chainguard/bind-docpkg:apk/chainguard/bind-libspkg:apk/chainguard/bind-pluginspkg:apk/chainguard/bind-toolspkg:apk/wolfi/bindpkg:apk/wolfi/bind-devpkg:apk/wolfi/bind-dnssec-rootpkg:apk/wolfi/bind-dnssec-toolspkg:apk/wolfi/bind-docpkg:apk/wolfi/bind-libspkg:apk/wolfi/bind-pluginspkg:apk/wolfi/bind-toolspkg:rpm/almalinux/bindpkg:rpm/almalinux/bind9.16pkg:rpm/almalinux/bind9.16-chrootpkg:rpm/almalinux/bind9.16-develpkg:rpm/almalinux/bind9.16-dnssec-utilspkg:rpm/almalinux/bind9.16-docpkg:rpm/almalinux/bind9.16-libspkg:rpm/almalinux/bind9.16-licensepkg:rpm/almalinux/bind9.16-utilspkg:rpm/almalinux/bind-chrootpkg:rpm/almalinux/bind-develpkg:rpm/almalinux/bind-dnssec-docpkg:rpm/almalinux/bind-dnssec-utilspkg:rpm/almalinux/bind-docpkg:rpm/almalinux/bind-dyndb-ldappkg:rpm/almalinux/bind-export-develpkg:rpm/almalinux/bind-export-libspkg:rpm/almalinux/bind-libspkg:rpm/almalinux/bind-libs-litepkg:rpm/almalinux/bind-licensepkg:rpm/almalinux/bind-lite-develpkg:rpm/almalinux/bind-pkcs11pkg:rpm/almalinux/bind-pkcs11-develpkg:rpm/almalinux/bind-pkcs11-libspkg:rpm/almalinux/bind-pkcs11-utilspkg:rpm/almalinux/bind-sdbpkg:rpm/almalinux/bind-sdb-chrootpkg:rpm/almalinux/bind-utilspkg:rpm/almalinux/python3-bindpkg:rpm/almalinux/python3-bind9.16pkg:rpm/opensuse/bind&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/bind&distro=openSUSE%20Tumbleweedpkg:rpm/suse/bind&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP5pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/bind&distro=SUSE%20Manager%20Client%20Tools%20for%20SLE%20Micro%205pkg:rpm/suse/bind&distro=SUSE%20Manager%20Proxy%204.3pkg:rpm/suse/bind&distro=SUSE%20Manager%20Server%204.3pkg:rpm/suse/libuv&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/libuv&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/libuv&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/libuv&distro=SUSE%20Manager%20Client%20Tools%20for%20SLE%20Micro%205
< 9.18.24-r0+ 71 more
- (no CPE)range: < 9.18.24-r0
- (no CPE)range: < 9.18.24-r0
- (no CPE)range: < 9.18.24-r0
- (no CPE)range: < 9.18.24-r0
- (no CPE)range: < 9.18.24-r0
- (no CPE)range: < 9.18.24-r0
- (no CPE)range: < 9.18.24-r0
- (no CPE)range: < 9.18.24-r0
- (no CPE)range: < 9.18.24-r0
- (no CPE)range: < 9.18.24-r0
- (no CPE)range: < 9.18.24-r0
- (no CPE)range: < 9.18.24-r0
- (no CPE)range: < 9.18.24-r0
- (no CPE)range: < 9.18.24-r0
- (no CPE)range: < 9.18.24-r0
- (no CPE)range: < 9.18.24-r0
- (no CPE)range: < 32:9.11.36-11.el8_9.1
- (no CPE)range: < 32:9.16.23-0.16.el8_9.2.alma.1
- (no CPE)range: < 32:9.16.23-0.16.el8_9.2.alma.1
- (no CPE)range: < 32:9.16.23-0.16.el8_9.2.alma.1
- (no CPE)range: < 32:9.16.23-0.16.el8_9.2.alma.1
- (no CPE)range: < 32:9.16.23-0.16.el8_9.2.alma.1
- (no CPE)range: < 32:9.16.23-0.16.el8_9.2.alma.1
- (no CPE)range: < 32:9.16.23-0.16.el8_9.2.alma.1
- (no CPE)range: < 32:9.16.23-0.16.el8_9.2.alma.1
- (no CPE)range: < 32:9.11.36-11.el8_9.1
- (no CPE)range: < 32:9.11.36-11.el8_9.1
- (no CPE)range: < 32:9.16.23-14.el9_3.4
- (no CPE)range: < 32:9.16.23-14.el9_3.4
- (no CPE)range: < 32:9.16.23-14.el9_3.4
- (no CPE)range: < 11.9-8.el9_3.3.alma.1
- (no CPE)range: < 32:9.11.36-11.el8_9.1
- (no CPE)range: < 32:9.11.36-11.el8_9.1
- (no CPE)range: < 32:9.11.36-11.el8_9.1
- (no CPE)range: < 32:9.11.36-11.el8_9.1
- (no CPE)range: < 32:9.11.36-11.el8_9.1
- (no CPE)range: < 32:9.11.36-11.el8_9.1
- (no CPE)range: < 32:9.11.36-11.el8_9.1
- (no CPE)range: < 32:9.11.36-11.el8_9.1
- (no CPE)range: < 32:9.11.36-11.el8_9.1
- (no CPE)range: < 32:9.11.36-11.el8_9.1
- (no CPE)range: < 32:9.11.36-11.el8_9.1
- (no CPE)range: < 32:9.11.36-11.el8_9.1
- (no CPE)range: < 32:9.11.36-11.el8_9.1
- (no CPE)range: < 32:9.11.36-11.el8_9.1
- (no CPE)range: < 32:9.16.23-0.16.el8_9.2.alma.1
- (no CPE)range: < 9.16.48-150500.8.16.1
- (no CPE)range: < 9.18.24-1.1
- (no CPE)range: < 9.16.6-150300.22.44.1
- (no CPE)range: < 9.16.6-150000.12.74.2
- (no CPE)range: < 9.16.6-150300.22.44.1
- (no CPE)range: < 9.16.48-150400.5.40.1
- (no CPE)range: < 9.16.48-150400.5.40.1
- (no CPE)range: < 9.16.48-150500.8.16.1
- (no CPE)range: < 9.16.6-150300.22.44.1
- (no CPE)range: < 9.16.48-150500.8.16.1
- (no CPE)range: < 9.11.22-3.52.1
- (no CPE)range: < 9.16.6-150000.12.74.2
- (no CPE)range: < 9.16.6-150300.22.44.1
- (no CPE)range: < 9.16.48-150400.5.40.1
- (no CPE)range: < 9.11.22-3.52.1
- (no CPE)range: < 9.16.6-150000.12.74.2
- (no CPE)range: < 9.16.6-150300.22.44.1
- (no CPE)range: < 9.16.48-150400.5.40.1
- (no CPE)range: < 9.11.22-3.52.1
- (no CPE)range: < 9.16.6-150000.12.74.2
- (no CPE)range: < 9.16.48-150400.5.40.1
- (no CPE)range: < 9.16.48-150400.5.40.1
- (no CPE)range: < 1.18.0-150000.3.2.1
- (no CPE)range: < 1.18.0-150000.3.2.1
- (no CPE)range: < 1.18.0-150000.3.2.1
- (no CPE)range: < 1.18.0-150000.3.2.1
Patches
Vulnerability mechanics
References
7- www.openwall.com/lists/oss-security/2024/02/13/1nvdMailing ListThird Party Advisory
- kb.isc.org/docs/cve-2023-4408nvdVendor Advisory
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/nvdMailing ListThird Party Advisory
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/nvdMailing ListThird Party Advisory
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/nvdMailing ListThird Party Advisory
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/nvdMailing ListThird Party Advisory
- security.netapp.com/advisory/ntap-20240426-0001/nvdThird Party Advisory
News mentions
0No linked articles in our index yet.