High severity7.5NVD Advisory· Published Jan 29, 2025· Updated Apr 15, 2026
CVE-2024-12705
CVE-2024-12705
Description
Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 through 9.18.32-S1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
30- osv-coords29 versionspkg:apk/chainguard/bindpkg:apk/chainguard/bind-devpkg:apk/chainguard/bind-dnssec-rootpkg:apk/chainguard/bind-dnssec-toolspkg:apk/chainguard/bind-docpkg:apk/chainguard/bind-libspkg:apk/chainguard/bind-pluginspkg:apk/chainguard/bind-toolspkg:apk/wolfi/bindpkg:apk/wolfi/bind-devpkg:apk/wolfi/bind-dnssec-rootpkg:apk/wolfi/bind-dnssec-toolspkg:apk/wolfi/bind-docpkg:apk/wolfi/bind-libspkg:apk/wolfi/bind-pluginspkg:apk/wolfi/bind-toolspkg:rpm/almalinux/bind9.18pkg:rpm/almalinux/bind9.18-chrootpkg:rpm/almalinux/bind9.18-develpkg:rpm/almalinux/bind9.18-dnssec-utilspkg:rpm/almalinux/bind9.18-docpkg:rpm/almalinux/bind9.18-libspkg:rpm/almalinux/bind9.18-utilspkg:rpm/opensuse/bind&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/bind&distro=openSUSE%20Tumbleweedpkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP6pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP7
< 0+ 28 more
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 32:9.18.29-1.el9_5.1
- (no CPE)range: < 32:9.18.29-1.el9_5.1
- (no CPE)range: < 32:9.18.29-1.el9_5.1
- (no CPE)range: < 32:9.18.29-1.el9_5.1
- (no CPE)range: < 32:9.18.29-1.el9_5.1
- (no CPE)range: < 32:9.18.29-1.el9_5.1
- (no CPE)range: < 32:9.18.29-1.el9_5.1
- (no CPE)range: < 9.18.33-150600.3.6.1
- (no CPE)range: < 9.20.5-1.1
- (no CPE)range: < 9.18.33-150600.3.6.1
- (no CPE)range: < 9.20.9-150700.3.3.1
- (no CPE)range: < 9.18.33-150600.3.6.1
- (no CPE)range: < 9.20.9-150700.3.3.1
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.