VYPR
High severity7.5NVD Advisory· Published Feb 13, 2024· Updated Jun 17, 2026

CVE-2023-4408

CVE-2023-4408

Description

The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting this flaw. This issue affects both authoritative servers and recursive resolvers. This issue affects BIND 9 versions 9.0.0 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

74

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.